| 标题 | TOTOLINK X5000R V9.1.0cu.2415_B20250515 Command Injection |
|---|
| 描述 | A vulnerability was determined in TOTOLINK X5000R V9.1.0cu.2415_B20250515. This impacts the function sub_410C34 of the file cstecgi.cgi. This manipulation of the argument pid causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. |
|---|
| 来源 | ⚠️ https://github.com/Axelioc/CVE/blob/main/TOTOLINK/X5000R/sub_410C34/sub_410C34.md |
|---|
| 用户 | Haaalion (UID 89556) |
|---|
| 提交 | 2025-08-28 10時14分 (8 月前) |
|---|
| 管理 | 2025-09-03 13時33分 (6 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 322336 [TOTOLINK X5000R 9.1.0cu.2415_B20250515 /cgi-bin/cstecgi.cgi sub_410C34 pid 权限提升] |
|---|
| 积分 | 18 |
|---|