CVE-2025-52053

TOTOLINK X6000R V9.4.0cu.1360B20241207 was found to contain a command injection vulnerability in the sub417D74 function via the filename parameter. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request...

PT-2025-37705

Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.1360 B20241207 Description: The vulnerability resides in the sub 417D74 function of the TOTOLINK X6000R router's firmware. The issue is due to a lack of data sanitization on the management level when processing...