CNNVD-202506-2634 Information
CNNVD ID
CNNVD-202506-2634
Related CVE
- CNNVD Published: 2025-06-20
Description (Chinese)
TOTOLINK N150RT是中国吉翁电子(TOTOLINK)公司的一款无线路由器。 TOTOLINK N150RT 3.4.0-B20190525版本存在命令注入漏洞,该漏洞源于文件/boa/formWSC中参数targetAPSsid处理不当导致os命令注入,可能导致远程攻击。
Description (English)
TOTOLINK N150RT is a wireless router of the Chinese company TOTOLINK. TOTOLINK N150RT 3.4.0-B20190525 has a command-injecting loophole, which stems from the mishandling of the parameter targetAPSsid in the document/boa/formWSC, which led to the injection of an Os command and could lead to a long-range attack.
Hazard Level
High
Vulnerability Type
命令注入
Affected Vendor
头歌
Published
2025-06-20
Last Modified
2026-02-24
References
https://vuldb.com/?submit.594650 https://www.totolink.net/ https://docs.google.com/document/d/1meuD3WLzPE0HHQAm_Ar6zx1NDyO29zsK/edit?usp=sharing&ouid=108490350035271792747&rtpof=true&sd=true https://vuldb.com/?ctiid.313299 https://vuldb.com/?id.313299 https://access.redhat.com/security/cve/cve-2025-6299
Share on: