| Titel | TOTOLINK T6 V4.1.5cu.748 Command Injection |
|---|
| Beschreibung | TOTOLINK Mesh Wifi T6 router has a command injection vulnerability. This vulnerability can be triggered through the topicurl `clearPairCfg`. An attacker can implement a RCE attack by sending a malicious HTTP POST request.
|
|---|
| Quelle | ⚠️ https://github.com/ElvisBlue/Public/blob/main/Vuln/6.md |
|---|
| Benutzer | ElvisBlue (UID 87432) |
|---|
| Einreichung | 13.07.2025 18:51 (vor 11 Monaten) |
|---|
| Moderieren | 13.07.2025 22:59 (4 hours later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 316315 [TOTOLINK T6 4.1.5cu.748 HTTP POST Request /cgi-bin/cstecgi.cgi clearPairCfg ip erweiterte Rechte] |
|---|
| Punkte | 16 |
|---|