A7100ru firmware
This hub aggregates every CVE we track for A7100ru firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
37
CVEs tracked
37
Critical
0
High
0
In CISA KEV
Severity distribution
CRITICAL37
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting A7100ru firmware.
- CVE-2025-44655In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorized access to system files, privilege escalation, or use...9.8
- CVE-2023-7095Totolink A7100RU HTTP POST Request main buffer overflow9.8
- CVE-2023-6906Totolink A7100RU HTTP POST Request main buffer overflow9.8
- CVE-2023-33556TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg.9.8
- CVE-2023-30054TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload.9.8
- CVE-2023-30053TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection.9.8
- CVE-2023-26848TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules.9.8
- CVE-2023-26978TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg.9.8
- CVE-2023-27232TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg.9.8
- CVE-2023-27231TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg.9.8
- CVE-2023-27229TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg.9.8
- CVE-2023-27135TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg.9.8
- CVE-2023-25395TOTOlink A7100RU V7.4cu.2313_B20191024 router was discovered to contain a command injection vulnerability via the ou parameter at /setting/delStaticDhcpRules.9.8
- CVE-2023-24184TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability.9.8
- CVE-2023-24238TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the city parameter at setting/delStaticDhcpRules.9.8
Product normalization is registry-driven with AI assist and human review. How it works