4 matches found
CVE-2025-6619
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. Affected by this vulnerability is the function setUpgradeFW of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit...
CVE-2025-6619 TOTOLINK CA300-PoE upgrade.so setUpgradeFW os command injection
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. Affected by this vulnerability is the function setUpgradeFW of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit...
CVE-2025-6619 TOTOLINK CA300-PoE upgrade.so setUpgradeFW os command injection
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. Affected by this vulnerability is the function setUpgradeFW of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit...
CVE-2025-6619
CVE-2025-6619 applies to TOTOLINK CA300-PoE firmware 6.2c.884. The vulnerability is in the upgrade.so module, in the setUpgradeFW function, where improper handling of the FileName argument enables OS command injection . Exploitation is possible remotely, and multiple sources describe public discl...