CVE-2025-4270 | TOTOLINK A720R 4.1.5cu.374 Config /cgi-bin/cstecgi.cgi topicurl information disclosure

Inserito da Angelo Barbosa | Mag 4, 2025 | CVE

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Config Handler. The manipulation of the argument topicurl with the input getInitCfg/getSysStatusCfg leads to information disclosure.

This vulnerability is traded as CVE-2025-4270. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-4270 | TOTOLINK A720R 4.1.5cu.374 Config /cgi-bin/cstecgi.cgi topicurl information disclosure

Post correlati

CVE-2024-12545 | Scratch & Win Plugin up to 2.7.1 on WordPress reset_installation cross-site request forgery

CVE-2023-6600 | OMGF GDPR Compliant, Faster Google Fonts Plugin up to 5.7.9 on WordPress authorization

CVE-2025-1582 | PHPGurukul Online Nurse Hiring System 1.0 /admin/all-request.php viewid sql injection

CVE-2023-6577 | Beijing Baichuo PatrolFlow 2530Pro up to 20231126 /log/mailsendview.php file path traversal