Search criteria
11 vulnerabilities found for CP900 by TOTOLINK
VAR-202408-0368
Vulnerability from variot - Updated: 2025-06-29 23:10A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566. This issue affects the function setTelnetCfg of the component Telnet Service. The manipulation of the argument telnet_enabled leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273557 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of cp900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900 is a wireless router from China's TOTOLINK Electronics. No detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202408-0368",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cp900",
"scope": "eq",
"trust": 1.0,
"vendor": "totolink",
"version": "6.3c.566"
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": "cp900 firmware 6.3c.566"
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cp900",
"scope": null,
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cp900 6.3c.566",
"scope": null,
"trust": 0.6,
"vendor": "totolink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13894"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005611"
},
{
"db": "NVD",
"id": "CVE-2024-7464"
}
]
},
"cve": "CVE-2024-7464",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "cna@vuldb.com",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2024-7464",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "OTHER",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2024-005611",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-13894",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@vuldb.com",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2024-7464",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-7464",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2024-005611",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "cna@vuldb.com",
"id": "CVE-2024-7464",
"trust": 1.0,
"value": "Medium"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2024-7464",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "OTHER",
"id": "JVNDB-2024-005611",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-13894",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13894"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005611"
},
{
"db": "NVD",
"id": "CVE-2024-7464"
},
{
"db": "NVD",
"id": "CVE-2024-7464"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566. This issue affects the function setTelnetCfg of the component Telnet Service. The manipulation of the argument telnet_enabled leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273557 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of cp900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900 is a wireless router from China\u0027s TOTOLINK Electronics. No detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-7464"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005611"
},
{
"db": "CNVD",
"id": "CNVD-2025-13894"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-7464",
"trust": 3.2
},
{
"db": "VULDB",
"id": "273557",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005611",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-13894",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13894"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005611"
},
{
"db": "NVD",
"id": "CVE-2024-7464"
}
]
},
"id": "VAR-202408-0368",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13894"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13894"
}
]
},
"last_update_date": "2025-06-29T23:10:19.996000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-005611"
},
{
"db": "NVD",
"id": "CVE-2024-7464"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/totolink/cp900/settelnetcfg.md"
},
{
"trust": 2.4,
"url": "https://vuldb.com/?submit.381334"
},
{
"trust": 1.6,
"url": "https://vuldb.com/?ctiid.273557"
},
{
"trust": 1.0,
"url": "https://vuldb.com/?id.273557"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-7464"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13894"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005611"
},
{
"db": "NVD",
"id": "CVE-2024-7464"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-13894"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005611"
},
{
"db": "NVD",
"id": "CVE-2024-7464"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13894"
},
{
"date": "2024-08-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-005611"
},
{
"date": "2024-08-05T01:16:08.157000",
"db": "NVD",
"id": "CVE-2024-7464"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13894"
},
{
"date": "2024-08-19T02:01:00",
"db": "JVNDB",
"id": "JVNDB-2024-005611"
},
{
"date": "2024-08-15T13:15:28.367000",
"db": "NVD",
"id": "CVE-2024-7464"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TOTOLINK\u00a0 of \u00a0cp900\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-005611"
}
],
"trust": 0.8
}
}
VAR-202408-0172
Vulnerability from variot - Updated: 2025-06-19 23:36A vulnerability classified as critical was found in TOTOLINK CP900 6.3c.566. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of cp900 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900 is a wireless router. Attackers can use this vulnerability to cause the device to crash, execute arbitrary code, gain control of the device, and even further attack other networks or devices
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202408-0172",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cp900",
"scope": "eq",
"trust": 1.0,
"vendor": "totolink",
"version": "6.3c.566"
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": "cp900 firmware 6.3c.566"
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cp900",
"scope": null,
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cp900 6.3c.566",
"scope": null,
"trust": 0.6,
"vendor": "totolink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-12713"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005612"
},
{
"db": "NVD",
"id": "CVE-2024-7463"
}
]
},
"cve": "CVE-2024-7463",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "cna@vuldb.com",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2024-7463",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "OTHER",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2024-005612",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-12713",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@vuldb.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2024-7463",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-7463",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2024-005612",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "cna@vuldb.com",
"id": "CVE-2024-7463",
"trust": 1.0,
"value": "High"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2024-7463",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "OTHER",
"id": "JVNDB-2024-005612",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-12713",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-12713"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005612"
},
{
"db": "NVD",
"id": "CVE-2024-7463"
},
{
"db": "NVD",
"id": "CVE-2024-7463"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability classified as critical was found in TOTOLINK CP900 6.3c.566. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of cp900 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900 is a wireless router. Attackers can use this vulnerability to cause the device to crash, execute arbitrary code, gain control of the device, and even further attack other networks or devices",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-7463"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005612"
},
{
"db": "CNVD",
"id": "CNVD-2025-12713"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-7463",
"trust": 3.2
},
{
"db": "VULDB",
"id": "273556",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005612",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-12713",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-12713"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005612"
},
{
"db": "NVD",
"id": "CVE-2024-7463"
}
]
},
"id": "VAR-202408-0172",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-12713"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-12713"
}
]
},
"last_update_date": "2025-06-19T23:36:23.554000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-005612"
},
{
"db": "NVD",
"id": "CVE-2024-7463"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/totolink/cp900/uploadcustommodule.md"
},
{
"trust": 2.4,
"url": "https://vuldb.com/?submit.381333"
},
{
"trust": 1.6,
"url": "https://vuldb.com/?ctiid.273556"
},
{
"trust": 1.0,
"url": "https://vuldb.com/?id.273556"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-7463"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-12713"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005612"
},
{
"db": "NVD",
"id": "CVE-2024-7463"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-12713"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-005612"
},
{
"db": "NVD",
"id": "CVE-2024-7463"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-12713"
},
{
"date": "2024-08-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-005612"
},
{
"date": "2024-08-05T01:16:07.867000",
"db": "NVD",
"id": "CVE-2024-7463"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-12713"
},
{
"date": "2024-08-19T02:01:00",
"db": "JVNDB",
"id": "JVNDB-2024-005612"
},
{
"date": "2024-08-15T13:15:55.170000",
"db": "NVD",
"id": "CVE-2024-7463"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TOTOLINK\u00a0 of \u00a0cp900\u00a0 Classic buffer overflow vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-005612"
}
],
"trust": 0.8
}
}
VAR-202505-1262
Vulnerability from variot - Updated: 2025-06-12 02:27TOTOLINK CP900 V6.3c.1144_B20190715 was found to contain a command injection vulnerability in the setUpgradeUboot function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. TOTOLINK of cp900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900 is a wireless router from China's TOTOLINK Electronics. No detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202505-1262",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cp900",
"scope": "eq",
"trust": 1.0,
"vendor": "totolink",
"version": "6.3c.1144_b20190715"
},
{
"model": "cp900",
"scope": null,
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": "cp900 firmware 6.3c.1144 b20190715"
},
{
"model": "cp900 v6.3c.1144 b20190715",
"scope": null,
"trust": 0.6,
"vendor": "totolink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11981"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005541"
},
{
"db": "NVD",
"id": "CVE-2025-44854"
}
]
},
"cve": "CVE-2025-44854",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-11981",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2025-44854",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "Low",
"baseScore": 6.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2025-005541",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2025-44854",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2025-005541",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2025-11981",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11981"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005541"
},
{
"db": "NVD",
"id": "CVE-2025-44854"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TOTOLINK CP900 V6.3c.1144_B20190715 was found to contain a command injection vulnerability in the setUpgradeUboot function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. TOTOLINK of cp900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900 is a wireless router from China\u0027s TOTOLINK Electronics. No detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-44854"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005541"
},
{
"db": "CNVD",
"id": "CNVD-2025-11981"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-44854",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005541",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-11981",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11981"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005541"
},
{
"db": "NVD",
"id": "CVE-2025-44854"
}
]
},
"id": "VAR-202505-1262",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11981"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11981"
}
]
},
"last_update_date": "2025-06-12T02:27:52.732000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-005541"
},
{
"db": "NVD",
"id": "CVE-2025-44854"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/summermu/vulnforiot/tree/main/totolink_cp900/setupgradeuboot/readme.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2025-44854"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11981"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005541"
},
{
"db": "NVD",
"id": "CVE-2025-44854"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-11981"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005541"
},
{
"db": "NVD",
"id": "CVE-2025-44854"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11981"
},
{
"date": "2025-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-005541"
},
{
"date": "2025-05-01T14:15:45.593000",
"db": "NVD",
"id": "CVE-2025-44854"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11981"
},
{
"date": "2025-05-23T00:36:00",
"db": "JVNDB",
"id": "JVNDB-2025-005541"
},
{
"date": "2025-05-22T15:32:20.913000",
"db": "NVD",
"id": "CVE-2025-44854"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TOTOLINK\u00a0 of \u00a0cp900\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-005541"
}
],
"trust": 0.8
}
}
VAR-202505-1263
Vulnerability from variot - Updated: 2025-06-12 02:27TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the setApRebootScheCfg function via the hour or minute parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. TOTOLINK of cp900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CPE CP900 is an outdoor wireless CPE device from China's TOTOLINK Electronics. No detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202505-1263",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cp900",
"scope": "eq",
"trust": 1.0,
"vendor": "totolink",
"version": "6.3c.1144_b20190715"
},
{
"model": "cp900",
"scope": null,
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": "cp900 firmware 6.3c.1144 b20190715"
},
{
"model": "cpe cp900 v6.3c.1144 b20190715",
"scope": null,
"trust": 0.6,
"vendor": "totolink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11980"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005542"
},
{
"db": "NVD",
"id": "CVE-2025-44836"
}
]
},
"cve": "CVE-2025-44836",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-11980",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2025-44836",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "Low",
"baseScore": 6.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2025-005542",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2025-44836",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2025-005542",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2025-11980",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11980"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005542"
},
{
"db": "NVD",
"id": "CVE-2025-44836"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the setApRebootScheCfg function via the hour or minute parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. TOTOLINK of cp900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CPE CP900 is an outdoor wireless CPE device from China\u0027s TOTOLINK Electronics. No detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-44836"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005542"
},
{
"db": "CNVD",
"id": "CNVD-2025-11980"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-44836",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005542",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-11980",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11980"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005542"
},
{
"db": "NVD",
"id": "CVE-2025-44836"
}
]
},
"id": "VAR-202505-1263",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11980"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11980"
}
]
},
"last_update_date": "2025-06-12T02:27:33.057000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-005542"
},
{
"db": "NVD",
"id": "CVE-2025-44836"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/n0wstr/iotvuln/tree/main/cp900/setaprebootschecfg"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2025-44836"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11980"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005542"
},
{
"db": "NVD",
"id": "CVE-2025-44836"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-11980"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005542"
},
{
"db": "NVD",
"id": "CVE-2025-44836"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11980"
},
{
"date": "2025-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-005542"
},
{
"date": "2025-05-01T15:16:20.723000",
"db": "NVD",
"id": "CVE-2025-44836"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11980"
},
{
"date": "2025-05-23T00:36:00",
"db": "JVNDB",
"id": "JVNDB-2025-005542"
},
{
"date": "2025-05-22T15:29:21.067000",
"db": "NVD",
"id": "CVE-2025-44836"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TOTOLINK\u00a0 of \u00a0cp900\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-005542"
}
],
"trust": 0.8
}
}
VAR-202505-1007
Vulnerability from variot - Updated: 2025-06-12 02:25TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url or magicid parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. TOTOLINK of cp900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CPE CP900 is an outdoor wireless CPE device from China's TOTOLINK Electronics. No detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202505-1007",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cp900",
"scope": "eq",
"trust": 1.0,
"vendor": "totolink",
"version": "6.3c.1144_b20190715"
},
{
"model": "cp900",
"scope": null,
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": "cp900 firmware 6.3c.1144 b20190715"
},
{
"model": "cpe cp900 v6.3c.1144 b20190715",
"scope": null,
"trust": 0.6,
"vendor": "totolink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11979"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005551"
},
{
"db": "NVD",
"id": "CVE-2025-44837"
}
]
},
"cve": "CVE-2025-44837",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-11979",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2025-44837",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "Low",
"baseScore": 6.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2025-005551",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2025-44837",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2025-005551",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2025-11979",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11979"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005551"
},
{
"db": "NVD",
"id": "CVE-2025-44837"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url or magicid parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. TOTOLINK of cp900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CPE CP900 is an outdoor wireless CPE device from China\u0027s TOTOLINK Electronics. No detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-44837"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005551"
},
{
"db": "CNVD",
"id": "CNVD-2025-11979"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-44837",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005551",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-11979",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11979"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005551"
},
{
"db": "NVD",
"id": "CVE-2025-44837"
}
]
},
"id": "VAR-202505-1007",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11979"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11979"
}
]
},
"last_update_date": "2025-06-12T02:25:44.576000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-005551"
},
{
"db": "NVD",
"id": "CVE-2025-44837"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/n0wstr/iotvuln/tree/main/cp900/cloudsrvuserdataversioncheck"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2025-44837"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11979"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005551"
},
{
"db": "NVD",
"id": "CVE-2025-44837"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-11979"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005551"
},
{
"db": "NVD",
"id": "CVE-2025-44837"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11979"
},
{
"date": "2025-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-005551"
},
{
"date": "2025-05-01T15:16:20.837000",
"db": "NVD",
"id": "CVE-2025-44837"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11979"
},
{
"date": "2025-05-23T01:36:00",
"db": "JVNDB",
"id": "JVNDB-2025-005551"
},
{
"date": "2025-05-22T15:29:38.487000",
"db": "NVD",
"id": "CVE-2025-44837"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TOTOLINK\u00a0 of \u00a0cp900\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-005551"
}
],
"trust": 0.8
}
}
VAR-202505-0525
Vulnerability from variot - Updated: 2025-06-12 02:01TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the setUploadUserData function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. TOTOLINK of cp900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CPE CP900 is an outdoor wireless CPE device from China's TOTOLINK Electronics. No detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202505-0525",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cp900",
"scope": "eq",
"trust": 1.0,
"vendor": "totolink",
"version": "6.3c.1144_b20190715"
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": "cp900 firmware 6.3c.1144 b20190715"
},
{
"model": "cp900",
"scope": null,
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cpe cp900 v6.3c.1144 b20190715",
"scope": null,
"trust": 0.6,
"vendor": "totolink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11982"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005598"
},
{
"db": "NVD",
"id": "CVE-2025-44838"
}
]
},
"cve": "CVE-2025-44838",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-11982",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2025-44838",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "Low",
"baseScore": 6.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2025-005598",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2025-44838",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2025-005598",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2025-11982",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11982"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005598"
},
{
"db": "NVD",
"id": "CVE-2025-44838"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the setUploadUserData function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. TOTOLINK of cp900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CPE CP900 is an outdoor wireless CPE device from China\u0027s TOTOLINK Electronics. No detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-44838"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005598"
},
{
"db": "CNVD",
"id": "CNVD-2025-11982"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-44838",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005598",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-11982",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11982"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005598"
},
{
"db": "NVD",
"id": "CVE-2025-44838"
}
]
},
"id": "VAR-202505-0525",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11982"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11982"
}
]
},
"last_update_date": "2025-06-12T02:01:21.250000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-005598"
},
{
"db": "NVD",
"id": "CVE-2025-44838"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/n0wstr/iotvuln/tree/main/cp900/setuploaduserdata"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2025-44838"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11982"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005598"
},
{
"db": "NVD",
"id": "CVE-2025-44838"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-11982"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005598"
},
{
"db": "NVD",
"id": "CVE-2025-44838"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11982"
},
{
"date": "2025-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-005598"
},
{
"date": "2025-05-01T15:16:20.950000",
"db": "NVD",
"id": "CVE-2025-44838"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11982"
},
{
"date": "2025-05-23T03:39:00",
"db": "JVNDB",
"id": "JVNDB-2025-005598"
},
{
"date": "2025-05-22T15:29:50.967000",
"db": "NVD",
"id": "CVE-2025-44838"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TOTOLINK\u00a0 of \u00a0cp900\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-005598"
}
],
"trust": 0.8
}
}
VAR-202303-2072
Vulnerability from variot - Updated: 2025-02-23 23:18TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. TOTOLINK of cp900 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900 is a wireless router produced by China Zeon Electronics (TOTOLINK).
There is a command injection vulnerability in TOTOLINK CP900. The vulnerability stems from the failure of the setWebWlanIdx function to properly filter special characters, commands, etc. in constructing commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202303-2072",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cp900",
"scope": "eq",
"trust": 1.0,
"vendor": "totolink",
"version": "6.3c.566_b20171026"
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": "cp900 firmware 6.3c.566 b20171026"
},
{
"model": "cp900",
"scope": null,
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cp900",
"scope": "eq",
"trust": 0.8,
"vendor": "totolink",
"version": null
},
{
"model": "cp900 6.3c.566 b20171026",
"scope": null,
"trust": 0.6,
"vendor": "totolink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-51677"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021409"
},
{
"db": "NVD",
"id": "CVE-2022-28495"
}
]
},
"cve": "CVE-2022-28495",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-51677",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2022-28495",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-28495",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-28495",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2022-28495",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2022-28495",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2023-51677",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202303-1948",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-51677"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021409"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1948"
},
{
"db": "NVD",
"id": "CVE-2022-28495"
},
{
"db": "NVD",
"id": "CVE-2022-28495"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. TOTOLINK of cp900 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900 is a wireless router produced by China Zeon Electronics (TOTOLINK). \n\r\n\r\nThere is a command injection vulnerability in TOTOLINK CP900. The vulnerability stems from the failure of the setWebWlanIdx function to properly filter special characters, commands, etc. in constructing commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28495"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021409"
},
{
"db": "CNVD",
"id": "CNVD-2023-51677"
},
{
"db": "VULMON",
"id": "CVE-2022-28495"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-28495",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021409",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-51677",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1948",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-28495",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-51677"
},
{
"db": "VULMON",
"id": "CVE-2022-28495"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021409"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1948"
},
{
"db": "NVD",
"id": "CVE-2022-28495"
}
]
},
"id": "VAR-202303-2072",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-51677"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-51677"
}
]
},
"last_update_date": "2025-02-23T23:18:59.242000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for TOTOLINK CP900 Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/437241"
},
{
"title": "TOTOLINK CP900 Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=230944"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-51677"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1948"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-021409"
},
{
"db": "NVD",
"id": "CVE-2022-28495"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://github.com/b2efly/cve/blob/main/totolink/cp900/3/3.md"
},
{
"trust": 1.7,
"url": "https://github.com/b2efly/router/blob/main/totolink/cp900/3/3.md"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-28495"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-28495/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-51677"
},
{
"db": "VULMON",
"id": "CVE-2022-28495"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021409"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1948"
},
{
"db": "NVD",
"id": "CVE-2022-28495"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-51677"
},
{
"db": "VULMON",
"id": "CVE-2022-28495"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-021409"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1948"
},
{
"db": "NVD",
"id": "CVE-2022-28495"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-51677"
},
{
"date": "2023-03-24T00:00:00",
"db": "VULMON",
"id": "CVE-2022-28495"
},
{
"date": "2023-11-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-021409"
},
{
"date": "2023-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-1948"
},
{
"date": "2023-03-24T14:15:09.777000",
"db": "NVD",
"id": "CVE-2022-28495"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-51677"
},
{
"date": "2023-03-24T00:00:00",
"db": "VULMON",
"id": "CVE-2022-28495"
},
{
"date": "2023-11-10T04:49:00",
"db": "JVNDB",
"id": "JVNDB-2022-021409"
},
{
"date": "2023-03-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-1948"
},
{
"date": "2025-02-20T19:15:09.970000",
"db": "NVD",
"id": "CVE-2022-28495"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-1948"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TOTOLINK CP900 Command Injection Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-51677"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1948"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-1948"
}
],
"trust": 0.6
}
}
CVE-2024-7464 (GCVE-0-2024-7464)
Vulnerability from nvd – Published: 2024-08-05 01:00 – Updated: 2024-08-05 15:41
VLAI?
Title
TOTOLINK CP900 Telnet Service setTelnetCfg command injection
Summary
A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566. This issue affects the function setTelnetCfg of the component Telnet Service. The manipulation of the argument telnet_enabled leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273557 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
6.3 (Medium)
6.3 (Medium)
CWE
- CWE-77 - Command Injection
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Credits
yhryhryhr_tu (VulDB User)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:totolink:cp900:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cp900",
"vendor": "totolink",
"versions": [
{
"status": "affected",
"version": "6.3c.566"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7464",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T15:38:51.698970Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:34.346Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Telnet Service"
],
"product": "CP900",
"vendor": "TOTOLINK",
"versions": [
{
"status": "affected",
"version": "6.3c.566"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "yhryhryhr_tu (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566. This issue affects the function setTelnetCfg of the component Telnet Service. The manipulation of the argument telnet_enabled leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273557 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in TOTOLINK CP900 6.3c.566 entdeckt. Sie wurde als kritisch eingestuft. Dies betrifft die Funktion setTelnetCfg der Komponente Telnet Service. Durch das Beeinflussen des Arguments telnet_enabled mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T01:00:06.527Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-273557 | TOTOLINK CP900 Telnet Service setTelnetCfg command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.273557"
},
{
"name": "VDB-273557 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.273557"
},
{
"name": "Submit #381334 | TOTOLINK CP900 V6.3c.566 Command injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.381334"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/CP900/setTelnetCfg.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-08-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-08-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-08-04T10:21:04.000Z",
"value": "VulDB entry last update"
}
],
"title": "TOTOLINK CP900 Telnet Service setTelnetCfg command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-7464",
"datePublished": "2024-08-05T01:00:06.527Z",
"dateReserved": "2024-08-04T08:15:48.051Z",
"dateUpdated": "2024-08-05T15:41:34.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7463 (GCVE-0-2024-7463)
Vulnerability from nvd – Published: 2024-08-05 00:31 – Updated: 2024-08-05 13:55
VLAI?
Title
TOTOLINK CP900 cstecgi.cgi UploadCustomModule buffer overflow
Summary
A vulnerability classified as critical was found in TOTOLINK CP900 6.3c.566. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
CWE
- CWE-120 - Buffer Overflow
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Credits
yhryhryhr_tu (VulDB User)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:totolink:cp900_firmware:6.3c.566:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cp900_firmware",
"vendor": "totolink",
"versions": [
{
"status": "affected",
"version": "6.3c.566"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7463",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T13:54:15.892067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T13:55:20.896Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CP900",
"vendor": "TOTOLINK",
"versions": [
{
"status": "affected",
"version": "6.3c.566"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "yhryhryhr_tu (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in TOTOLINK CP900 6.3c.566. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In TOTOLINK CP900 6.3c.566 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Das betrifft die Funktion UploadCustomModule der Datei /cgi-bin/cstecgi.cgi. Durch Manipulieren des Arguments File mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T00:31:04.075Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-273556 | TOTOLINK CP900 cstecgi.cgi UploadCustomModule buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.273556"
},
{
"name": "VDB-273556 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.273556"
},
{
"name": "Submit #381333 | TOTOLINK CP900 V6.3c.566 Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.381333"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/CP900/UploadCustomModule.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-08-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-08-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-08-04T10:21:02.000Z",
"value": "VulDB entry last update"
}
],
"title": "TOTOLINK CP900 cstecgi.cgi UploadCustomModule buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-7463",
"datePublished": "2024-08-05T00:31:04.075Z",
"dateReserved": "2024-08-04T08:15:43.528Z",
"dateUpdated": "2024-08-05T13:55:20.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7464 (GCVE-0-2024-7464)
Vulnerability from cvelistv5 – Published: 2024-08-05 01:00 – Updated: 2024-08-05 15:41
VLAI?
Title
TOTOLINK CP900 Telnet Service setTelnetCfg command injection
Summary
A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566. This issue affects the function setTelnetCfg of the component Telnet Service. The manipulation of the argument telnet_enabled leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273557 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
6.3 (Medium)
6.3 (Medium)
CWE
- CWE-77 - Command Injection
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Credits
yhryhryhr_tu (VulDB User)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:totolink:cp900:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cp900",
"vendor": "totolink",
"versions": [
{
"status": "affected",
"version": "6.3c.566"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7464",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T15:38:51.698970Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:34.346Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Telnet Service"
],
"product": "CP900",
"vendor": "TOTOLINK",
"versions": [
{
"status": "affected",
"version": "6.3c.566"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "yhryhryhr_tu (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566. This issue affects the function setTelnetCfg of the component Telnet Service. The manipulation of the argument telnet_enabled leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273557 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in TOTOLINK CP900 6.3c.566 entdeckt. Sie wurde als kritisch eingestuft. Dies betrifft die Funktion setTelnetCfg der Komponente Telnet Service. Durch das Beeinflussen des Arguments telnet_enabled mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T01:00:06.527Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-273557 | TOTOLINK CP900 Telnet Service setTelnetCfg command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.273557"
},
{
"name": "VDB-273557 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.273557"
},
{
"name": "Submit #381334 | TOTOLINK CP900 V6.3c.566 Command injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.381334"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/CP900/setTelnetCfg.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-08-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-08-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-08-04T10:21:04.000Z",
"value": "VulDB entry last update"
}
],
"title": "TOTOLINK CP900 Telnet Service setTelnetCfg command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-7464",
"datePublished": "2024-08-05T01:00:06.527Z",
"dateReserved": "2024-08-04T08:15:48.051Z",
"dateUpdated": "2024-08-05T15:41:34.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7463 (GCVE-0-2024-7463)
Vulnerability from cvelistv5 – Published: 2024-08-05 00:31 – Updated: 2024-08-05 13:55
VLAI?
Title
TOTOLINK CP900 cstecgi.cgi UploadCustomModule buffer overflow
Summary
A vulnerability classified as critical was found in TOTOLINK CP900 6.3c.566. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
CWE
- CWE-120 - Buffer Overflow
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Credits
yhryhryhr_tu (VulDB User)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:totolink:cp900_firmware:6.3c.566:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cp900_firmware",
"vendor": "totolink",
"versions": [
{
"status": "affected",
"version": "6.3c.566"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7463",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T13:54:15.892067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T13:55:20.896Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CP900",
"vendor": "TOTOLINK",
"versions": [
{
"status": "affected",
"version": "6.3c.566"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "yhryhryhr_tu (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in TOTOLINK CP900 6.3c.566. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In TOTOLINK CP900 6.3c.566 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Das betrifft die Funktion UploadCustomModule der Datei /cgi-bin/cstecgi.cgi. Durch Manipulieren des Arguments File mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T00:31:04.075Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-273556 | TOTOLINK CP900 cstecgi.cgi UploadCustomModule buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.273556"
},
{
"name": "VDB-273556 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.273556"
},
{
"name": "Submit #381333 | TOTOLINK CP900 V6.3c.566 Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.381333"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/CP900/UploadCustomModule.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-08-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-08-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-08-04T10:21:02.000Z",
"value": "VulDB entry last update"
}
],
"title": "TOTOLINK CP900 cstecgi.cgi UploadCustomModule buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-7463",
"datePublished": "2024-08-05T00:31:04.075Z",
"dateReserved": "2024-08-04T08:15:43.528Z",
"dateUpdated": "2024-08-05T13:55:20.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}