CVE-2025-4268 | TOTOLINK A720R 4.1.5cu.374 /cgi-bin/cstecgi.cgi topicurl missing authentication

Inserito da Angelo Barbosa | Mag 4, 2025 | CVE

A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication.

This vulnerability was named CVE-2025-4268. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4268 | TOTOLINK A720R 4.1.5cu.374 /cgi-bin/cstecgi.cgi topicurl missing authentication

Post correlati

CVE-2024-46549 | TP-Link Kasa KP125M 1.0.3 MQTT Broker/API Gateway Privilege Escalation

CVE-2024-45767 | Dell OpenManage Enterprise up to 4.1 sql injection (dsa-2024-426)

CVE-2023-34462 | Oracle Utilities Network Management System 2.5.0.1/2.5.0.2/2.6.0.0 NMS Monitor denial of service

CVE-2024-30295 | Adobe Animate up to 23.0.5/24.0.2 null pointer dereference (apsb24-36)