Логотип exploitDog
bind: "CVE-2025-7525"
Консоль
Логотип exploitDog

exploitDog

bind: "CVE-2025-7525"

Количество 3

Количество 3

nvd логотип

CVE-2025-7525

20 дней назад

A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS3: 6.3
EPSS: Низкий
github логотип

GHSA-9h9m-2xjq-cm6v

20 дней назад

A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS3: 6.3
EPSS: Низкий
fstec логотип

BDU:2025-08497

25 дней назад

Уязвимость функции setTracerouteCfg() сценария cstecgi.cgi микропрограммного обеспечения mesh-системы TOTOLink T6, позволяющая нарушителю выполнить произвольный код

CVSS3: 6.3
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
nvd логотип
CVE-2025-7525

A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS3: 6.3
2%
Низкий
20 дней назад
github логотип
GHSA-9h9m-2xjq-cm6v

A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS3: 6.3
2%
Низкий
20 дней назад
fstec логотип
BDU:2025-08497

Уязвимость функции setTracerouteCfg() сценария cstecgi.cgi микропрограммного обеспечения mesh-системы TOTOLink T6, позволяющая нарушителю выполнить произвольный код

CVSS3: 6.3
2%
Низкий
25 дней назад

Уязвимостей на страницу