Ca600-poe Firmware Security Vulnerabilities and Issues — Ca600-poe Firmware CVE List

Lucene search

TotolinkCa600-poe Firmware

10 matches found

CVE•added 2025/05/01 5:15 p.m.•46 views

CVE-2025-44844

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the setUpgradeFW function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.5CVSS7.9AI score0.16062EPSS

CVE•added 2025/05/01 5:15 p.m.•45 views

CVE-2025-44842

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the msg_process function via the Port parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.5CVSS8AI score0.16062EPSS

CVE•added 2025/05/01 5:15 p.m.•44 views

CVE-2025-44840

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the svn parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.5CVSS8AI score0.16062EPSS

CVE•added 2025/05/01 5:15 p.m.•44 views

CVE-2025-44843

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.5CVSS8.3AI score0.15783EPSS

CVE•added 2025/05/01 5:15 p.m.•44 views

CVE-2025-44845

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.5CVSS7.9AI score0.16062EPSS

CVE•added 2025/05/01 5:15 p.m.•44 views

CVE-2025-44848

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the msg_process function via the Url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.5CVSS8.3AI score0.16062EPSS

CVE•added 2025/05/01 5:15 p.m.•43 views

CVE-2025-44846

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the recvUpgradeNewFw function via the fwUrl parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.3CVSS8AI score0.15488EPSS

CVE•added 2025/05/01 5:15 p.m.•43 views

CVE-2025-44847

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.3CVSS8.3AI score0.1207EPSS

CVE•added 2025/05/01 5:15 p.m.•42 views

CVE-2025-44839

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the magicid parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.5CVSS8.3AI score0.16062EPSS

CVE•added 2025/05/01 5:15 p.m.•42 views

CVE-2025-44841

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the version parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.5CVSS7.9AI score0.16062EPSS