CVE-2025-2096 | TOTOLINK EX1800T 9.1.0cu.2112_B20220316 /cgi-bin/cstecgi.cgi setRebootScheCfg mode/week/minute/recHour os command injection

Inserito da Angelo Barbosa | Mar 7, 2025 | CVE

A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function setRebootScheCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument mode/week/minute/recHour leads to os command injection.

This vulnerability was named CVE-2025-2096. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-2096 | TOTOLINK EX1800T 9.1.0cu.2112_B20220316 /cgi-bin/cstecgi.cgi setRebootScheCfg mode/week/minute/recHour os command injection

Post correlati

CVE-2024-8247 | Newsletters Plugin up to 4.9.9.2 on WordPress Remote Code Execution

CVE-2024-13040 | Quanta Computer QOCA Aim Account Information User ID authorization

CVE-2024-12998 | code-projects Online Car Rental System 1.0 GET Parameter /index.php cross site scripting

CVE-2024-0905 | Fancy Product Designer Plugin up to 6.1.7 on WordPress cross site scripting