PT-2025-29975 · Totolink · Totolink T6
Reisen_1943
·
Published
2025-07-14
·
Updated
2025-07-24
·
CVE-2025-7758
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
TOTOLINK T6 versions prior to 4.1.5cu.748 B20211015
Description
A critical vulnerability exists in the TOTOLINK T6 router. This issue affects the
setDiagnosisCfg function within the /cgi-bin/cstecgi.cgi file of the HTTP POST Request Handler component. Manipulation of the ip argument can lead to a buffer overflow, potentially allowing for remote code execution. The exploit for this vulnerability has been publicly disclosed.Recommendations
TOTOLINK T6 versions prior to 4.1.5cu.748 B20211015: Update to version 4.1.5cu.748 B20211015 or a later version to resolve this issue.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Totolink T6