27 matches found
CVE-2025-44837
TOTOLINK CPE CP900 V6.3c.1144B20190715 was discovered to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url or magicid parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2025-44841
TOTOLINK CA600-PoE V5.3c.6665B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the version parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
TOTOLINK CA300-PoE 安全漏洞
TOTOLINK CA300-PoE is a wireless access point from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK CA300-PoE version V6.2c.884B20180522, which stems from the CloudSrvUserdataVersionCheck function url parameter failing to correctly filter constructed command...
CVE-2025-44839
TOTOLINK CA600-PoE V5.3c.6665B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the magicid parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2025-44861
TOTOLINK CA300-POE V6.2c.884B20180522 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
PT-2025-18664 · Totolink · Totolink Ca600-Poe
Name of the Vulnerable Software and Affected Versions: TOTOLINK CA600-PoE version 5.3c.6665 B20180820 Description: A command injection issue was discovered in the CloudSrvUserdataVersionCheck function through the url parameter. This issue allows attackers to execute arbitrary commands via a...
PT-2025-18660 · Totolink · Totolink Ca600-Poe
Name of the Vulnerable Software and Affected Versions: TOTOLINK CA600-PoE version 5.3c.6665 B20180820 Description: A command injection issue was discovered in the CloudSrvUserdataVersionCheck function via the magicid parameter. This issue allows attackers to execute arbitrary commands through a...