CNNVD-202507-2538 Information
CNNVD ID
CNNVD-202507-2538
Related CVE
- CNNVD Published: 2025-07-20
Description (Chinese)
TOTOLINK T6是中国吉翁电子(TOTOLINK)公司的一款无线双频路由器。 TOTOLINK T6 4.1.5cu.748_B20211015版本存在访问控制错误漏洞,该漏洞源于Telnet服务中setTelnetCfg函数对参数telnet_enabled处理不当导致缺少身份验证。
Description (English)
TOTOLINK T6 is a wireless dual-frequency router of the Chinese company TOTOLINK. TOTOLINK T6 4.1.5cu.748 B20211015 has an access control error loophole, which arises from the inappropriate handling of the SetTelnetCfg function against the parameter Telnet enabled in the Telnet service, resulting in a lack of identification.
Hazard Level
Medium
Vulnerability Type
访问控制错误
Affected Vendor
吉翁电子
Published
2025-07-20
Last Modified
2026-02-24
References
https://www.totolink.net/ https://vuldb.com/?submit.617643 https://github.com/AnduinBrian/Public/blob/main/Totolink%20T6/Vuln/5.md https://github.com/AnduinBrian/Public/blob/main/Totolink%20T6/Vuln/5.md#poc- https://www.youtube.com/watch?v=XeKu3tfeSME https://vuldb.com/?id.316975 https://vuldb.com/?ctiid.316975 https://access.redhat.com/security/cve/cve-2025-7862
Share on: