| Title | TOTOLINK X5000R V9.1.0cu.2415_B20250515 Command Injection |
|---|
| Description | A vulnerability was determined in TOTOLINK X5000R V9.1.0cu.2415_B20250515. This impacts the function sub_410C34 of the file cstecgi.cgi. This manipulation of the argument pid causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. |
|---|
| Source | ⚠️ https://github.com/Axelioc/CVE/blob/main/TOTOLINK/X5000R/sub_410C34/sub_410C34.md |
|---|
| User | Haaalion (UID 89556) |
|---|
| Submission | 08/28/2025 10:14 (8 months ago) |
|---|
| Moderation | 09/03/2025 13:33 (6 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 322336 [TOTOLINK X5000R 9.1.0cu.2415_B20250515 /cgi-bin/cstecgi.cgi sub_410C34 pid command injection] |
|---|
| Points | 18 |
|---|