Totolink: >> Cp900 Firmware >> 6.3c.566 Security Vulnerabilities
A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566. This issue affects the function setTelnetCfg of the component Telnet Service. The manipulation of the argument telnet_enabled leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273557 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
6.3
EPSS Score
0.08
Published
2024-08-05
A vulnerability classified as critical was found in TOTOLINK CP900 6.3c.566. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
8.8
EPSS Score
0.012
Published
2024-08-05
A vulnerability in TOTOLINK CP900 V6.3c.566 allows attackers to start the Telnet service,
CVSS Score
9.8
EPSS Score
0.001
Published
2023-03-23
TOTOLINK Technology CPE with firmware V6.3c.566 ,allows remote attackers to bypass Login.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-03-23