2 matches found
CVE-2025-44844
TOTOLINK CA600-PoE (V5.3c.6665_B20180820) has a command injection vulnerability in the setUpgradeFW function via the FileName parameter. This could allow an attacker to execute arbitrary commands on the device. PT-2025-18665 provides a mitigation suggesting disabling the setUpgradeFW function and...
CVE-2025-44844
TOTOLINK CA600-PoE V5.3c.6665B20180820 was found to contain a command injection vulnerability in the setUpgradeFW function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...