Submit #563429: TOTOLINK A720R V4.1.5cu.374 Missing Authenticationinfo

TitleTOTOLINK A720R V4.1.5cu.374 Missing Authentication
DescriptionThe TOTOLINK A720R V4.1.5cu.374 firmware contains an unauthorized reboot device vulnerability. This vulnerability occurs when a POST request is sent to the /cgi-bin/cstecgi.cgi with the parameter {"topicurl":"RebootSystem"}, allowing an attacker to reboot the device without authentication.
Source⚠️ https://github.com/at0de/my_vulns/blob/main/TOTOLINK/A720R/RebootSystem.md
User
 153528990 (UID 64409)
Submission04/22/2025 03:42 (12 months ago)
Moderation05/04/2025 20:24 (13 days later)
StatusAccepted
VulDB entry307372 [TOTOLINK A720R 4.1.5cu.374 /cgi-bin/cstecgi.cgi topicurl missing authentication]
Points18

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!