CVE-2022-25131
TOTOLINK T6 V3 and T10 V2 routers expose a command-injection vulnerability in the function recvSlaveCloudCheckStatus. Exploitation is via a crafted MQTT packet, enabling arbitrary command execution on affected devices. Affected firmware/versions identified in the CVE entry are T6_V3_Firmware T6_V...