Totolink · Totolink N300Rt · CVE-2025-34319
**Name of the Vulnerable Software and Affected Versions**
TOTOLINK N300RT versions prior to V3.4.0-B20250430
**Description**
The TOTOLINK N300RT wireless router firmware contains an OS command injection issue in the Boa formWsc handling functionality. An unauthenticated attacker can trigger command execution by sending specially crafted requests through the `targetAPSsid` parameter.
**Recommendations**
Update to version V3.4.0-B20250430 or later.