CVE-2025-9934 | TOTOLINK X5000R 9.1.0cu.2415_B20250515 /cgi-bin/cstecgi.cgi sub_410C34 pid command injection

Inserito da Angelo Barbosa | Set 3, 2025 | CVE

A vulnerability classified as critical has been found in TOTOLINK X5000R 9.1.0cu.2415_B20250515. This affects the function sub_410C34 of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument pid results in command injection.

This vulnerability is known as CVE-2025-9934. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2025-9934 | TOTOLINK X5000R 9.1.0cu.2415_B20250515 /cgi-bin/cstecgi.cgi sub_410C34 pid command injection

Post correlati

CVE-2024-38759 | WP MEDIA SAS Search & Replace Plugin up to 3.2.2 on WordPress deserialization

CVE-2024-53842 | Google Android cc_MmConManagement.c cc_SendCcImsInfoIndMsg out-of-bounds write

CVE-2025-23054 | HPE Aruba Networking Fabric Composer AFC up to 7.1.0 Web-based Management Interface access control

CVE-2025-7409 | code-projects Mobile Shop 1.0 /LoginAsAdmin.php email sql injection