CNNVD-202509-650 Information
Sep 04, 2025
cve
CNNVD ID
CNNVD-202509-650
Related CVE
- CNNVD Published: 2025-09-04
Description (Chinese)
TOTOLINK N600R是中国吉翁电子(TOTOLINK)公司的一款无线路由器。 TOTOLINK N600R 4.3.0cu.7866_B20220506版本存在命令注入漏洞,该漏洞源于文件/web_cste/cgi-bin/cstecgi.cgi中函数sub_4159F8操作不当,可能导致命令注入攻击。
Description (English)
TOTOLINK N600R is a wireless router of the Chinese company TOTOLINK. TOTOLINK N600R 4.3.0Cu.7866 B20200506 has a command-injecting loophole that stems from the improper operation of the sub 4159F8 function in document/web cste/cgi-bin/cstecgi.cgi, which may result in an order-injecting attack.
Hazard Level
Medium
Vulnerability Type
命令注入
Affected Vendor
吉翁电子
Published
2025-09-04
Last Modified
2026-02-24
References
https://github.com/mono7s/TOTOLINK/blob/main/N600R/TOTOLINK%20N600R%20Unauthorized_Command_Injection.md https://vuldb.com/?ctiid.322337 https://vuldb.com/?id.322337 https://vuldb.com/?submit.643088 https://www.totolink.net/
Share on: