3609 matches found
CVE-2025-7613 TOTOLINK T6 HTTP POST Request cstecgi.cgi CloudSrvVersionCheck command injection
A vulnerability was found in TOTOLINK T6 4.1.5cu.748. It has been rated as critical. This issue affects the function CloudSrvVersionCheck of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack may be...
CVE-2025-7613 TOTOLINK T6 HTTP POST Request cstecgi.cgi CloudSrvVersionCheck command injection
A vulnerability was found in TOTOLINK T6 4.1.5cu.748. It has been rated as critical. This issue affects the function CloudSrvVersionCheck of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack may be...
CVE-2025-7613
Totolink T6 (version 4.1.5cu.748) is affected by a command-injection in CloudSrvVersionCheck (file /cgi-bin/cstecgi.cgi, HTTP POST Request Handler). The ip argument is mishandled, enabling remote command execution when crafted inputs are sent. Public exploitation is disclosed. Practical impact is...
CVE-2025-7465
A vulnerability classified as critical was found in Tenda FH1201 1.2.0.14. Affected by this vulnerability is the function fromRouteStatic of the file /goform/fromRouteStatic of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer overflow. The attack can ...
CVE-2025-7463
A vulnerability was found in Tenda FH1201 1.2.0.14. It has been declared as critical. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP POST Request Handler. The manipulation of the argument mitssid leads to buffer overflow. The atta...
TOTOLINK T6 注入漏洞
TOTOLINK T6 is a wireless dual-band router from China's TOTOLINK Electronics TOTOLINK that supports MQTT protocol and Telnet service. The TOTOLINK T6 suffers from a command injection vulnerability that originates from the failure of the function delDevice's parameter ipAddr to correctly filter...
CVE-2025-7460
A vulnerability has been found in TOTOLINK T6 4.1.5cu.748B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow...
CVE-2025-7525
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injectio...
CVE-2025-7525
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injectio...
CVE-2025-7525 TOTOLINK T6 HTTP POST Request cstecgi.cgi setTracerouteCfg command injection
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injectio...
CVE-2025-7525 TOTOLINK T6 HTTP POST Request cstecgi.cgi setTracerouteCfg command injection
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injectio...
CVE-2025-7525
CVE-2025-7525 affects TOTOLINK T6 (4.1.5cu.748_B20211015). The vulnerability lies in the HTTP POST Request Handler’s setTracerouteCfg function within /cgi-bin/cstecgi.cgi, where improper handling of the command parameter permits remote command injection. Multiple connected sources confirm the att...
CVE-2025-7524
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. It is possible ...
CVE-2025-7524
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. It is possible ...
CVE-2025-7524 TOTOLINK T6 HTTP POST Request cstecgi.cgi setDiagnosisCfg command injection
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. It is possible ...
CVE-2025-7524
The CVE-2025-7524 entry concerns the TOTOLINK T6 router (version 4.1.5cu.748_B20211015). The vulnerability resides in the HTTP POST Request Handler’s cstecgi.cgi file, specifically in the setDiagnosisCfg function where the ip argument is manipulated, enabling remote command injection. The issue i...
CVE-2025-7524 TOTOLINK T6 HTTP POST Request cstecgi.cgi setDiagnosisCfg command injection
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. It is possible ...
PT-2025-29474 · Totolink · Totolink T6
Name of the Vulnerable Software and Affected Versions: TOTOLINK T6 version 4.1.5cu.748 Description: A critical issue exists in the HTTP POST Request Handler component of the software. The delDevice function within the /cgi-bin/cstecgi.cgi file is susceptible to command injection through...
PT-2025-29473 · Totolink · Totolink T6
Name of the Vulnerable Software and Affected Versions: TOTOLINK T6 version 4.1.5cu.748 Description: A critical issue exists in TOTOLINK T6 version 4.1.5cu.748. The vulnerability is located within the CloudSrvVersionCheck function of the /cgi-bin/cstecgi.cgi file, part of the HTTP POST Request...
PT-2025-29475 · Totolink · Totolink T6
Name of the Vulnerable Software and Affected Versions: TOTOLINK T6 version 4.1.5cu.748 Description: A critical vulnerability exists in the HTTP POST Request Handler component of TOTOLINK T6. The vulnerability is due to command injection in the clearPairCfg function within the /cgi-bin/cstecgi.cgi...