CNNVD-202510-054 Information

CNNVD ID

CNNVD-202510-054

Related CVE

CVE-2025-61045

• CNNVD Published: 2025-10-01

Description (Chinese)

TOTOLINK X18是中国吉翁电子（TOTOLINK）公司的一款千兆路由器。 TOTOLINK X18 V9.1.0cu.2053_B20230309版本存在命令注入漏洞，该漏洞源于setEasyMeshAgentCfg函数中mac参数存在命令注入，可能导致执行任意代码。

Description (English)

TOTOLINK X18 is a gigabyte router of the Chinese company TOTOLINK. TOTOLINK X18 V9.1.0cu.2053 B20230309 has a command-injecting loophole, which stems from the command-injecting of the mac parameter in the SetEasyMeshAgentCfg function, which may result in the execution of any code.

Hazard Level

Low

Vulnerability Type

命令注入

Affected Vendor

吉翁电子

Published

2025-10-01

Last Modified

2026-02-24

References

https://github.com/ilovekeer/IOT/blob/main/TOTOLINK/X18/setEasyMeshAgentCfg/1.md