CVE-2025-44838 | TOTOLINK CPE CP900 6.3c.1144 setUploadUserData FileName command injection

Inserito da Angelo Barbosa | Mag 1, 2025 | CVE

A vulnerability, which was classified as critical, has been found in TOTOLINK CPE CP900 6.3c.1144. Affected by this issue is the function setUploadUserData. The manipulation of the argument FileName leads to command injection.

This vulnerability is handled as CVE-2025-44838. The attack may be launched remotely. There is no exploit available.

CVE-2025-44838 | TOTOLINK CPE CP900 6.3c.1144 setUploadUserData FileName command injection

Post correlati

CVE-2024-10619 | Tongda OA 2017 up to 11.10 next_detail.php repid sql injection

CVE-2024-9348 | Docker Desktop up to 4.34.2 Build View input validation

CVE-2024-8217 | SourceCodester E-Commerce Website 1.0 /Admin/registration.php fname sql injection

CVE-2025-24528 | MIT Kerberos 5 1.7 Incremental Propagation kadmind memory corruption