CNNVD-202510-055 Information

CNNVD ID

CNNVD-202510-055

Related CVE

CVE-2025-61044

• CNNVD Published: 2025-10-01

Description (Chinese)

TOTOLINK X18是中国吉翁电子（TOTOLINK）公司的一款千兆路由器。 TOTOLINK X18 V9.1.0cu.2053_B20230309版本存在命令注入漏洞，该漏洞源于setEasyMeshAgentCfg函数中agentName参数存在命令注入，可能导致执行任意代码。

Description (English)

TOTOLINK X18 is a gigabyte router of the Chinese company TOTOLINK. TOTOLINK X18 V9.1.0cu.2053 B20230309 has a command-injecting loophole, which results from the presence of antName parameter in the SetEasyMeshAgentCfg function, which may result in the execution of an arbitrary code.

Hazard Level

Low

Vulnerability Type

命令注入

Affected Vendor

吉翁电子

Published

2025-10-01

Last Modified

2026-02-24

References

https://github.com/ilovekeer/IOT/blob/main/TOTOLINK/X18/setEasyMeshAgentCfg/2.md