CVE-2025-4849 | TOTOLINK N300RH 6.1c.1390_B20191101 /cgi-bin/cstecgi.cgi CloudACMunualUpdateUserdata url command injection

A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been rated as critical. Affected by this issue is the function CloudACMunualUpdateUserdata of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument url leads to command injection.

This vulnerability is handled as CVE-2025-4849. The attack may be launched remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More