CNNVD-202506-2918 Information
Jun 22, 2025
cve
CNNVD ID
CNNVD-202506-2918
Related CVE
- CNNVD Published: 2025-06-22
Description (Chinese)
TOTOLINK A3002R是中国吉翁电子(TOTOLINK)公司的一款无线路由器。 TOTOLINK A3002R 1.1.1-B20200824.0128版本存在命令注入漏洞,该漏洞源于对文件/boafrm/formWlSiteSurvey中参数wlanif的错误操作导致os命令注入。
Description (English)
TOTOLINK A3002R is a wireless router of the Chinese company TOTOLINK. The TOTOLINK A3002R 1.1.1-B20200824.0128 version contains a command-injecting loophole, resulting from an error in the operation of wlanif, the parameter in document/boafrm/formWlSurvey.
Hazard Level
High
Vulnerability Type
命令注入
Affected Vendor
头歌
Published
2025-06-22
Last Modified
2026-02-24
References
https://vuldb.com/?submit.600727 https://www.totolink.net/ https://vuldb.com/?id.313593 https://vuldb.com/?ctiid.313593 https://github.com/wudipjq/my_vuln/blob/main/totolink3/vuln_34/34.md https://access.redhat.com/security/cve/cve-2025-6485
Share on: