CVE-2025-6916 Information

Jul 01, 2025 cve

Description

A vulnerability which was classified as critical was found in TOTOLINK T6 4.1.5cu.748_B20211015. This affects the function Form_Login of the file /formLoginAuth.htm. The manipulation of the argument authCode/goURL leads to missing authentication. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used.

Reference

https://github.com/c0nyy/IoT_vuln/blob/main/TOTOLINK%20T6%20Vuln.md https://github.com/c0nyy/IoT_vuln/blob/main/TOTOLINK%20T6%20Vuln.md https://vuldb.com/?ctiid.314409 https://vuldb.com/?id.314409 https://vuldb.com/?submit.605101 https://www.totolink.net/

CNNVD-202506-3783 (Published: 2025-06-30)

Share on:

CVE-2025-6916 Information

Description

Reference

Related CNNVD