Shodan
Vulnerabilities
Vulnerable Software
Totolink:  >> Ca600-Poe Firmware  >> 5.3c.6665_b20180820*  Security Vulnerabilities
CVE-2025-44847
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVSS Score
6.3
EPSS Score
0.025
Published
2025-05-01
CVE-2025-44848
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the msg_process function via the Url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVSS Score
6.5
EPSS Score
0.142
Published
2025-05-01
CVE-2025-44839
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the magicid parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVSS Score
6.5
EPSS Score
0.038
Published
2025-05-01
CVE-2025-44840
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the svn parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVSS Score
6.5
EPSS Score
0.038
Published
2025-05-01
CVE-2025-44841
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the version parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVSS Score
6.5
EPSS Score
0.038
Published
2025-05-01
CVE-2025-44842
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the msg_process function via the Port parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVSS Score
6.5
EPSS Score
0.038
Published
2025-05-01
CVE-2025-44843
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVSS Score
6.5
EPSS Score
0.029
Published
2025-05-01
CVE-2025-44844
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the setUpgradeFW function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVSS Score
6.5
EPSS Score
0.038
Published
2025-05-01
CVE-2025-44845
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVSS Score
6.5
EPSS Score
0.038
Published
2025-05-01
CVE-2025-44846
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the recvUpgradeNewFw function via the fwUrl parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVSS Score
6.3
EPSS Score
0.034
Published
2025-05-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved