Totolink

Ca600-poe Firmware

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.3

CVE-2025-44846

Exploit
  • EPSS 8.02%
  • Veröffentlicht 01.05.2025 00:00:00
  • Zuletzt bearbeitet 22.05.2025 15:31:42

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the recvUpgradeNewFw function via the fwUrl parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.3

CVE-2025-44847

Exploit
  • EPSS 6.1%
  • Veröffentlicht 01.05.2025 00:00:00
  • Zuletzt bearbeitet 22.05.2025 15:31:50

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.5

CVE-2025-44848

Exploit
  • EPSS 6.18%
  • Veröffentlicht 01.05.2025 00:00:00
  • Zuletzt bearbeitet 21.05.2025 19:47:27

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the msg_process function via the Url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.5

CVE-2025-44839

Exploit
  • EPSS 6.18%
  • Veröffentlicht 01.05.2025 00:00:00
  • Zuletzt bearbeitet 22.05.2025 15:30:04

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the magicid parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted req...

6.5

CVE-2025-44840

Exploit
  • EPSS 6.18%
  • Veröffentlicht 01.05.2025 00:00:00
  • Zuletzt bearbeitet 22.05.2025 15:30:14

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the svn parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

6.5

CVE-2025-44841

Exploit
  • EPSS 6.18%
  • Veröffentlicht 01.05.2025 00:00:00
  • Zuletzt bearbeitet 22.05.2025 15:30:35

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the version parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted req...

6.5

CVE-2025-44842

Exploit
  • EPSS 6.18%
  • Veröffentlicht 01.05.2025 00:00:00
  • Zuletzt bearbeitet 22.05.2025 15:30:58

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the msg_process function via the Port parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.5

CVE-2025-44843

Exploit
  • EPSS 6.06%
  • Veröffentlicht 01.05.2025 00:00:00
  • Zuletzt bearbeitet 22.05.2025 15:31:09

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

6.5

CVE-2025-44844

Exploit
  • EPSS 6.18%
  • Veröffentlicht 01.05.2025 00:00:00
  • Zuletzt bearbeitet 22.05.2025 15:31:20

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the setUpgradeFW function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

6.5

CVE-2025-44845

Exploit
  • EPSS 6.18%
  • Veröffentlicht 01.05.2025 00:00:00
  • Zuletzt bearbeitet 22.05.2025 15:31:31

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.