SecAlerts
CVE ListPricingSign Up
totolink logo

totolink

Security Risk Profile

59
/100
medium

Security Risk Score

Comprehensive risk assessment based on 1000 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from October 6, 2022 to present

1000
Total CVEs
830
Critical+High
1
Exploited
829
Unpatched

Threat Assessment

Avg CVSS
8.6
Base severity
Avg EPSS
1%
Exploit probability
Unpatched
829
Critical/High
Risk Level
59/100
medium
⚠️ 1 Active Exploits🆕 24Fresh (<7d)📈 67 in Last 30 Days

Severity Distribution

Critical
558
High
272
Medium
161
Low
9

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
7
<5%
519

Age Distribution

Common Weaknesses (CWE)

1
Command Injection
439
2
Buffer Overflow
298
3
OS Command Injection
258
4
Code Injection
25
5
XSS
25

Most Affected Products

1. TOTOLINK A3300R firmware77
2. TOTOLINK X5000r Firmware76
3. TOTOLINK X6000R Firmware61
4. TOTOLINK A7100ru Firmware53
5. TOTOLINK A3002R Firmware50

Recent Vulnerabilities

See more →
CVE-2026-9478
CVSS 9.8critical

Totolink A8000RU Web Management cstecgi.cgi setParentalRules os command injection

5/25/2026🔧 No Patch
CVE-2026-9477
CVSS 9.8critical

Totolink A8000RU Web Management cstecgi.cgi setAccessDeviceCfg os command injection

5/25/2026🔧 No Patch
CVE-2026-9476
CVSS 9.8critical

Totolink A8000RU Web Management cstecgi.cgi setPasswordCfg os command injection

5/25/2026🔧 No Patch
CVE-2026-9475
CVSS 9.8critical

Totolink A8000RU Web Management cstecgi.cgi setIpQosRules os command injection

5/25/2026🔧 No Patch
CVE-2026-9458
CVSS 9.8critical

Totolink A8000RU Web Management cstecgi.cgi setWanCfg os command injection

5/25/2026🔧 No Patch
CVE-2026-9457
CVSS 9.8critical

Totolink A8000RU Web Management cstecgi.cgi UploadFirmwareFile os command injection

5/25/2026🔧 No Patch
CVE-2026-9456
CVSS 9.8critical

Totolink A8000RU Web Management cstecgi.cgi setOpenVpnCfg os command injection

5/25/2026🔧 No Patch
CVE-2026-9455
CVSS 9.8critical

Totolink A8000RU Web Management cstecgi.cgi UploadOpenVpnCert os command injection

5/25/2026🔧 No Patch
CVE-2026-9454
CVSS 9.8critical

Totolink A8000RU Web Management cstecgi.cgi setOpenVpnCertGenerationCfg os command injection

5/25/2026🔧 No Patch
CVE-2026-9436
CVSS 9.8EPSS 1%critical

Totolink A8000RU Web Management cstecgi.cgi setL2tpServerCfg os command injection

5/25/2026🔧 No Patch

Monitor totolink in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.