CVE-2025-7154 Information

Jul 09, 2025 cve

Description

A vulnerability which was classified as critical has been found in TOTOLINK N200RE 9.3.5u.6095_B20200916/9.3.5u.6139_B20201216. Affected by this issue is the function sub_41A0F8 of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Hostname leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Reference

https://github.com/FLY200503/IoT-vul/blob/master/Totolink/N200RE/README.md https://github.com/FLY200503/IoT-vul/blob/master/Totolink/N200RE/README.md https://vuldb.com/?ctiid.315092 https://vuldb.com/?id.315092 https://vuldb.com/?submit.606230 https://www.totolink.net/

CNNVD-202507-818 (Published: 2025-07-08)

Share on:

CVE-2025-7154 Information

Description

Reference

Related CNNVD