EUVD-2025-21357

Malicious code in bioql PyPI...

TOTOLINK T6 CloudSrvVersionCheck Function Command Injection Vulnerability

TOTOLINK T6 is a wireless dual-band router from China's TOTOLINK Electronics TOTOLINK that supports MQTT protocol and Telnet service. The TOTOLINK T6 suffers from a command injection vulnerability that originates from the failure of the parameter ip of the function CloudSrvVersionCheck in the fil...

CVE-2025-7613

A vulnerability was found in TOTOLINK T6 4.1.5cu.748. It has been rated as critical. This issue affects the function CloudSrvVersionCheck of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack may be...

CVE-2025-7613

Totolink T6 (version 4.1.5cu.748) is affected by a command-injection in CloudSrvVersionCheck (file /cgi-bin/cstecgi.cgi, HTTP POST Request Handler). The ip argument is mishandled, enabling remote command execution when crafted inputs are sent. Public exploitation is disclosed. Practical impact is...

TOTOLINK T6 注入漏洞

TOTOLINK T6 is a wireless dual-band router from China's TOTOLINK Electronics TOTOLINK that supports MQTT protocol and Telnet service. The TOTOLINK T6 suffers from a command injection vulnerability that originates from the failure of the parameter ip of the function CloudSrvVersionCheck in the fil...