5 matches found
CVE-2025-28037
TOTOLINK A810R V4.1.2cu.5182B20201026 and A950RG V4.1.2cu.5161B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter...
CVE-2025-28037
creationtimestamp| type| source ---|---|--- 2025-04-22 19:09:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lngewds6zi2h 2025-04-22 20:54:50+00:00| seen| https://t.me/cvedetector/23532 2025-04-23 17:48:47+00:00| seen|...
CVE-2025-28037
TOTOLINK A810R V4.1.2cu.5182B20201026 and A950RG V4.1.2cu.5161B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter...
CVE-2025-28037
TOTOLINK A810R V4.1.2cu.5182B20201026 and A950RG V4.1.2cu.5161B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter...
CVE-2025-28037
CVE-2025-28037 affects TOTOLINK A810R (4.1.2cu.5182_B20201026) and A950RG (4.1.2cu.5161_B20200903). The issue is in the setDiagnosisCfg function, where the ipDomain parameter is not properly filtering construct command characters, enabling pre-auth remote command execution. Impact is reported as ...