0xmania/cve

Releases0

submit cve

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-36837 ↗	Apr 29, 2026Wednesday, 29 April 2026, 15:16	7.5 HIGH	—
TOTOLINK A3002RU V3 <= V3.0.0-B20220304.1804 was discovered to contain a stack-based buffer overflow via the hostname parameter in the formMapDelDevice function.
CVE-2026-36841 ↗	Apr 29, 2026Wednesday, 29 April 2026, 15:16	9.8 CRITICAL	—
TOTOLINK N200RE V5 was discovered to contain a command injection vulnerability via the macstr and bandstr parameters in the formMapDelDevice function.
CVE-2026-26731 ↗	Feb 17, 2026Tuesday, 17 February 2026, 19:21	8.8 HIGH	—
TOTOLINK A3002RU V2.1.1-B20211108.1455 was discovered to contain a stack-based buffer overflow via the routernamer`parameter in the formDnsv6 function.
CVE-2026-26732 ↗	Feb 17, 2026Tuesday, 17 February 2026, 19:21	8.8 HIGH	—
TOTOLINK A3002RU V2.1.1-B20211108.1455 was discovered to contain a stack-based buffer overflow via the vpnUser or vpnPassword` parameters in the formFilter function.
CVE-2026-26736 ↗	Feb 17, 2026Tuesday, 17 February 2026, 19:21	8.8 HIGH	—
TOTOLINK A3002RU_V3 V3.0.0-B20220304.1804 was discovered to contain a stack-based buffer overflow via the static_ipv6 parameter in the formIpv6Setup function.