T10 firmware

This hub aggregates every CVE we track for T10 firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting T10 firmware.

• CVE-2025-14964TOTOLINK T10 cstecgi.cgi sprintf stack-based overflow9.8Dec 19, 2025
• CVE-2025-9533TOTOLINK T10 formLoginAuth.htm improper authentication7.3Aug 27, 2025
• CVE-2025-44655In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorized access to system files, privilege escalation, or use...9.8Jul 21, 2025
• CVE-2025-6139TOTOLINK T10 shadow.sample hard-coded password3.9Jun 16, 2025
• CVE-2025-6138TOTOLINK T10 HTTP POST Request cstecgi.cgi setWizardCfg buffer overflow8.8Jun 16, 2025
• CVE-2025-6137TOTOLINK T10 HTTP POST Request cstecgi.cgi setWiFiScheduleCfg buffer overflow8.8Jun 16, 2025
• CVE-2025-5905TOTOLINK T10 POST Request cstecgi.cgi setWiFiRepeaterCfg buffer overflow8.8Jun 10, 2025
• CVE-2025-5904TOTOLINK T10 POST Request cstecgi.cgi setWiFiMeshName buffer overflow8.8Jun 10, 2025
• CVE-2025-5903TOTOLINK T10 POST Request cstecgi.cgi setWiFiAclRules buffer overflow8.8Jun 9, 2025
• CVE-2025-5902TOTOLINK T10 POST Request cstecgi.cgi setUpgradeFW buffer overflow8.8Jun 9, 2025
• CVE-2025-5901TOTOLINK T10 POST Request cstecgi.cgi UploadCustomModule buffer overflow8.8Jun 9, 2025
• CVE-2025-4496TOTOLINK T10/A3100R/A950RG/A800R/N600R/A3000RU/A810R cstecgi.cgi CloudACMunualUpdate buffer overflow8.8May 10, 2025
• CVE-2024-9001TOTOLINK T10 cstecgi.cgi setTracerouteCfg os command injection6.3Sep 19, 2024
• CVE-2024-8577TOTOLINK AC1200 T8/AC1200 T10 cstecgi.cgi setStaticDhcpRules buffer overflow8.8Sep 8, 2024
• CVE-2024-8576TOTOLINK AC1200 T8/AC1200 T10 cstecgi.cgi setIpPortFilterRules buffer overflow8.8Sep 8, 2024