PT-2025-48962 · Totolink · Totolink N300Rt
Shiyi Xie
+2
·
Publicado
2025-12-03
·
Atualizado
2025-12-03
·
CVE-2025-34319
CVSS v2.0
10
Crítica
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
TOTOLINK N300RT versions prior to V3.4.0-B20250430
Description
The TOTOLINK N300RT wireless router firmware contains an OS command injection issue in the Boa formWsc handling functionality. An unauthenticated attacker can trigger command execution by sending specially crafted requests through the
targetAPSsid parameter.Recommendations
Update to version V3.4.0-B20250430 or later.
Correção
RCE
OS Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Totolink N300Rt