3 matches found
CVE-2025-44846
TOTOLINK CA600-PoE V5.3c.6665B20180820 was found to contain a command injection vulnerability in the recvUpgradeNewFw function via the fwUrl parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
PT-2025-18658 · Totolink · Totolink Ca600-Poe
Name of the Vulnerable Software and Affected Versions: TOTOLINK CA600-PoE version 5.3c.6665 B20180820 Description: The issue is related to a command injection vulnerability in the msg process function via the Url parameter. This allows attackers to execute arbitrary commands by crafting a specifi...
PT-2025-18657 · Totolink · Totolink Ca600-Poe
Name of the Vulnerable Software and Affected Versions: TOTOLINK CA600-PoE version 5.3c.6665 B20180820 Description: A command injection issue was discovered in the setWebWlanIdx function through the webWlanIdx parameter. This issue allows attackers to execute arbitrary commands via a manipulated...