CNNVD-202507-2853 Information

CNNVD ID

CNNVD-202507-2853

Related CVE

CVE-2025-7952

• CNNVD Published: 2025-07-22

Description (Chinese)

TOTOLINK T6是中国吉翁电子（TOTOLINK）公司的一款无线双频路由器。 TOTOLINK T6 4.1.5cu.748版本存在注入漏洞，该漏洞源于文件wireless.so中函数ckeckKeepAlive的错误操作导致命令注入攻击。

Description (English)

TOTOLINK T6 is a wireless dual-frequency router of the Chinese company TOTOLINK. The TOTOLINK T6 4.1.5cu.748 version has an injection loophole, which stems from the error in the wireless.so function ckeckKeepAlive, which resulted in the command injection attack.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

吉翁电子

Published

2025-07-22

Last Modified

2026-02-24

References

https://www.totolink.net/ https://github.com/ElvisBlue/Public/blob/main/Vuln/7.md#poc https://vuldb.com/?ctiid.317098 https://vuldb.com/?id.317098 https://vuldb.com/?submit.619319 https://access.redhat.com/security/cve/cve-2025-7952 https://nvd.nist.gov/vuln/detail/CVE-2025-7952