CNNVD-202507-1771 Information
Jul 13, 2025
cve
CNNVD ID
CNNVD-202507-1771
Related CVE
- CNNVD Published: 2025-07-13
Description (Chinese)
TOTOLINK T6是中国吉翁电子(TOTOLINK)公司的一款无线双频路由器。 TOTOLINK T6 4.1.5cu.748_B20211015版本存在注入漏洞,该漏洞源于文件/cgi-bin/cstecgi.cgi中函数setDiagnosisCfg对参数ip的错误操作导致命令注入。
Description (English)
TOTOLINK T6 is a wireless dual-frequency router of the Chinese company TOTOLINK. TOTOLINK T6 4.1.5cu.748 B20211015 has an injection loophole, which results from the error of the setDiagnosisCfg function in document/cgi-bin/cstecgi.cgi to the parameter ip.
Hazard Level
High
Vulnerability Type
注入
Affected Vendor
头歌
Published
2025-07-13
Last Modified
2026-02-24
References
https://vuldb.com/?submit.612935 https://www.totolink.net/ https://vuldb.com/?id.316221 https://github.com/ElvisBlue/Public/blob/main/Vuln/2.md#poc https://vuldb.com/?ctiid.316221 https://www.youtube.com/watch?v=T62BuSoHmoM https://access.redhat.com/security/cve/cve-2025-7524
Share on: