CNNVD-202512-371 Information
CNNVD ID
CNNVD-202512-371
Related CVE
- CNNVD Published: 2025-12-03
Description (Chinese)
TOTOLINK N300RT是中国吉翁电子(TOTOLINK)公司的一款符合 802.11n 标准的无线路由器。 TOTOLINK N300RT V3.4.0-B20250430之前版本存在操作系统命令注入漏洞,该漏洞源于Boa formWsc功能存在OS命令注入,可能导致执行任意命令。
Description (English)
TOTOLINK N300RT is a wireless router of the Chinese company TOTOLINK that meets the 802.11n standard. TOTOLINK N300RT V3.4.0-B20250430 had an operational system command leak, which originated in Boa formWsc having an OS inoculation, which could lead to the execution of arbitrary orders.
Hazard Level
High
Vulnerability Type
操作系统命令注入
Affected Vendor
吉翁电子
Published
2025-12-03
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/totolink-n300rt-boa-formwsc-rce https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/154/ids/36.html https://totolink.tw/support_view/N300RT https://access.redhat.com/security/cve/cve-2025-34319
Patch
https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/154/ids/36.html
Share on: