CNNVD-202509-651 Information
CNNVD ID
CNNVD-202509-651
Related CVE
- CNNVD Published: 2025-09-04
Description (Chinese)
TOTOLINK X5000R是中国吉翁电子(TOTOLINK)公司的一个路由器。 TOTOLINK X5000R 9.1.0cu.2415_B20250515版本存在命令注入漏洞,该漏洞源于文件/cgi-bin/cstecgi.cgi中参数pid操作不当,可能导致命令注入攻击。
Description (English)
TOTOLINK X5000R is a router for the Chinese company TOTOLINK. TOTOLINK X5000R 9.1.0cu.2415 B20250515 contains a command-injection loophole, which stems from the inappropriate operation of the parameter pid in document/cgi-bin/cstecgi.cgi, which may result in an order-injection attack.
Hazard Level
High
Vulnerability Type
命令注入
Affected Vendor
吉翁电子
Published
2025-09-04
Last Modified
2026-02-24
References
https://github.com/Axelioc/CVE/blob/main/TOTOLINK/X5000R/sub_410C34/sub_410C34.md https://github.com/Axelioc/CVE/blob/main/TOTOLINK/X5000R/sub_410C34/sub_410C34.md#poc https://vuldb.com/?ctiid.322336 https://vuldb.com/?id.322336 https://vuldb.com/?submit.643048 https://www.totolink.net/
Share on: