CVE-2025-6618 | TOTOLINK CA300-PoE 6.2c.884 wps.so SetWLanApcliSettings PIN os command injection

A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been classified as critical. Affected is the function SetWLanApcliSettings of the file wps.so. The manipulation of the argument PIN leads to os command injection.

This vulnerability is traded as CVE-2025-6618. It is possible to launch the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More