CVE-2025-4269 | TOTOLINK A720R 4.1.5cu.374 Log /cgi-bin/cstecgi.cgi topicurl access control

Inserito da Angelo Barbosa | Mag 4, 2025 | CVE

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi of the component Log Handler. The manipulation of the argument topicurl with the input clearDiagnosisLog/clearSyslog/clearTracerouteLog leads to improper access controls.

The identification of this vulnerability is CVE-2025-4269. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4269 | TOTOLINK A720R 4.1.5cu.374 Log /cgi-bin/cstecgi.cgi topicurl access control

Post correlati

CVE-2023-2439 | UserPro Plugin 5.1.5 on WordPress Shortcode cross site scripting

CVE-2024-24479 | Wireshark up to 4.1.x wsutil/to_str.c format_fractional_part_nsecs buffer overflow

CVE-2023-49298 | OpenZFS up to 2.1.13/2.2.1 /etc/hosts.deny access control (ID 15526)

CVE-2025-2116 | Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System File Protocol imageProxy.do server-side request forgery