CVE-2025-7613 | TOTOLINK T6 4.1.5cu.748 HTTP POST Request /cgi-bin/cstecgi.cgi CloudSrvVersionCheck ip command injection

Inserito da Angelo Barbosa | Lug 13, 2025 | CVE

A vulnerability was found in TOTOLINK T6 4.1.5cu.748. It has been rated as critical. This issue affects the function CloudSrvVersionCheck of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection.

The identification of this vulnerability is CVE-2025-7613. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-7613 | TOTOLINK T6 4.1.5cu.748 HTTP POST Request /cgi-bin/cstecgi.cgi CloudSrvVersionCheck ip command injection

Post correlati

CVE-2024-39523 | Juniper Networks Junos OS Evolved prior 22.4R2-EVO CLI os command injection (JSA82975)

CVE-2024-2008 | Modal Popup Box Plugin up to 1.5.2 on WordPress awl_modal_popup_box_shortcode code injection

CVE-2025-23880 | anmari amr Personalise Plugin up to 2.10 on WordPress cross-site request forgery

CVE-2023-6348 | Google Chrome prior 119.0.6045.199 Spellcheck type confusion