ГлавнаяУязвимости → CVE-2025-9935
7.3высокая

CVE-2025-9935

Описание

A vulnerability was determined in TOTOLINK N600R 4.3.0cu.7866_B20220506. This vulnerability affects the function sub_4159F8 of the file /web_cste/cgi-bin/cstecgi.cgi. Executing manipulation can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

Затрагиваемое ПО
Totolink N600r firmwareTotolink N600r
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/mono7s/TOTOLINK/blob/main/N600R/TOTOLINK%20N600R%20Unauthorized_Command_Injection.mdhttps://vuldb.com/?ctiid.322337https://vuldb.com/?id.322337https://vuldb.com/?submit.643088https://www.totolink.net/