CVE-2025-7613 | TOTOLINK T6 4.1.5cu.748 HTTP POST Request /cgi-bin/cstecgi.cgi CloudSrvVersionCheck ip command injection

Inserito da Angelo Barbosa | Lug 13, 2025 | CVE

A vulnerability was found in TOTOLINK T6 4.1.5cu.748. It has been rated as critical. This issue affects the function CloudSrvVersionCheck of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection.

The identification of this vulnerability is CVE-2025-7613. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-7613 | TOTOLINK T6 4.1.5cu.748 HTTP POST Request /cgi-bin/cstecgi.cgi CloudSrvVersionCheck ip command injection

Post correlati

CVE-2024-46919 | Samsung 850/980/990/1080/1280/2100/9820/9825 loadOutputBuffers out-of-bounds write

CVE-2024-35345 | Diño Physics School Assistant 2.3 /classes/Users.php id cross site scripting

CVE-2024-27331 | Tracker Software PDF-XChange Editor EMF File Parser out-of-bounds

CVE-2023-52114 | Huawei HarmonyOS/EMUI ScreenReader Module access control