Lucene search
K

The vulnerability of the tcpcheck_net function in the microprogramming software of the TOTOLink T6 system allows a intruder to execute arbitrary code.

🗓️ 20 Aug 2025 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 2 Views

TOTOLink T6 tcpcheck_net flaw enables code execution via crafted POST ip parameter due to missing domain validation.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
Circl
CVE-2025-7615
9 Sep 202520:51
circl
CNNVD
TOTOLINK T6 注入漏洞
14 Jul 202500:00
cnnvd
CNVD
TOTOLINK T6 clearPairCfg Function Command Injection Vulnerability
21 Jul 202500:00
cnvd
CVE
CVE-2025-7615
14 Jul 202515:14
cve
Cvelist
CVE-2025-7615 TOTOLINK T6 HTTP POST Request cstecgi.cgi clearPairCfg command injection
14 Jul 202515:14
cvelist
EUVD
EUVD-2025-21356
3 Oct 202520:07
euvd
NVD
CVE-2025-7615
14 Jul 202516:15
nvd
OSV
CVE-2025-7615
14 Jul 202516:15
osv
Positive Technologies
PT-2025-29475 · Totolink · Totolink T6
13 Jul 202500:00
ptsecurity
RedhatCVE
CVE-2025-7615
16 Jul 202515:59
redhatcve
Rows per page
Vulners
Node
totolinkt6Match4.1.5cu.748_b20211015

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

20 Aug 2025 00:00Current
7High risk
Vulners AI Score7
CVSS 36.3
CVSS 26.5
EPSS0.02619
2