A vulnerability was found in TOTOLINK X5000R 9.1.0cu.2415_B20250515. This affects the function sub_410C34 of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument pid results in command injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
Metrics
Affected Vendors & Products
References
History
Wed, 03 Sep 2025 22:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability was found in TOTOLINK X5000R 9.1.0cu.2415_B20250515. This affects the function sub_410C34 of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument pid results in command injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used. | |
Title | TOTOLINK X5000R cstecgi.cgi sub_410C34 command injection | |
Weaknesses | CWE-74 CWE-77 |
|
References |
| |
Metrics |
cvssV2_0
|

Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2025-09-03T22:32:13.436Z
Reserved: 2025-09-03T11:32:57.357Z
Link: CVE-2025-9934

No data.

No data.

No data.

No data.