CVE-2025-4496 | TOTOLINK T10/A3100R/A950RG/A800R/N600R/A3000RU/A810R 4.1.8cu.5241_B20210927 /cgi-bin/cstecgi.cgi CloudACMunualUpdate FileName buffer overflow

Inserito da Angelo Barbosa | Mag 9, 2025 | CVE

A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow.

This vulnerability was named CVE-2025-4496. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4496 | TOTOLINK T10/A3100R/A950RG/A800R/N600R/A3000RU/A810R 4.1.8cu.5241_B20210927 /cgi-bin/cstecgi.cgi CloudACMunualUpdate FileName buffer overflow

Post correlati

CVE-2024-11404 | Django Filer up to 3.2 Upload cross site scripting

CVE-2023-49673 | NeuVector Vulnerability Scanner Plugin up to 1.22 on Jenkins cross-site request forgery

CVE-2024-1745 | Testimonial Slider Plugin up to 2.3.6 on WordPress Setting improper authorization

CVE-2024-1642 | MainWP Dashboard Plugin up to 4.6.0.1 on WordPress posting_bulk cross-site request forgery