Vulnerability Details CVE-2025-70327
TOTOLINK X5000R v9.1.0cu_2415_B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without validating if the input starts with a hyphen (-). This allows remote authenticated attackers to inject arbitrary command-line options into the ping utility, potentially leading to a Denial of Service (DoS) by causing excessive resource consumption or prolonged execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.7%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2025-70327
-
cpe:2.3:h:totolink:x5000r:-
-
cpe:2.3:o:totolink:x5000r_firmware:9.1.0cu.2415_b20250515