When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
The National Vulnerability Database (NVD) maintained by NISTshowsa large number of recently added flaws to Totolink hardware.
The A3300R seems to be particularly affected, with many command injection vulnerabilities.
Two critical vulnerabilities were also found in the N200RE, both of which can lead to buffer overflow attacks.
The issues with Totolink routers date back years, and have been implicated in large scale attacks.
In 2021, multiple flaws were also discovered in Totolink software, which could allow for remote attacks.
This software was part of the A300R2 router.
It was noted as being easily exploitable via a remote attack, letting threat actors execute arbitrary code.
Totolink is owned by Hong-Kong company Zioncom Holdings Limited.
The website for this firm is also flagged by Chrome as not having a valid SSL certificate.
