
Description

TOTOLINK N300RT wireless router firmware versions prior to V3.4.0-B20250430 (discovered in V2.1.8-B20201030.1539) contain an OS command injection vulnerability in the Boa formWsc handling functionality. An unauthenticated attacker can send specially crafted requests to trigger command execution via the targetAPSsid request parameter.
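The flaw class described above, as an added example that is not TOTOLINK's firmware code or VulnCheck's material: a Boa-style CGI handler that pastes the targetAPSsid value into a shell command line, beside a hardened handler that validates the value and hands it to the helper as its own argv element so no shell ever parses it. The helper script path /usr/sbin/wsc_connect.sh, the function names and the sample inputs are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

#define SSID_MAX 32   /* 802.11 SSIDs are at most 32 octets */

/* VULNERABLE pattern (illustrative, not the vendor's code): the request
 * parameter is interpolated into a command line that will be handed to a
 * shell via system() or popen(). Any shell metacharacter in targetAPSsid
 * becomes part of the command. Returns the number of bytes snprintf wrote. */
int build_wsc_cmd_vulnerable(const char *target_ap_ssid, char *out, size_t outlen)
{
    /* "/usr/sbin/wsc_connect.sh" is a hypothetical helper script */
    return snprintf(out, outlen, "/usr/sbin/wsc_connect.sh %s", target_ap_ssid);
}

/* Hardened input check: accept only a plausible SSID and nothing that a
 * shell, or the helper script's own option parser, could reinterpret.
 * Returns 1 if the value is acceptable, 0 otherwise. */
int validate_ssid(const char *s)
{
    if (s == NULL) return 0;
    size_t len = strlen(s);
    if (len == 0 || len > SSID_MAX) return 0;
    if (s[0] == '-') return 0;                 /* would be parsed as an option */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)s[i];
        if (c < 0x20 || c > 0x7e) return 0;    /* printable ASCII only */
        if (strchr(";|&`$<>()\\\"'", c) != NULL) return 0;  /* shell metacharacters */
    }
    return 1;
}

/* Hardened execution: the validated value is passed as a separate argv
 * element through execv(), so it is never parsed by a shell.
 * Returns the helper's exit status, or -1 on rejection or error. */
int run_wsc_safe(const char *target_ap_ssid)
{
    if (!validate_ssid(target_ap_ssid)) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char *argv[] = { "/usr/sbin/wsc_connect.sh", (char *)target_ap_ssid, NULL };
        execv(argv[0], argv);
        _exit(127);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* constructed sample values, not captured traffic */
    const char *benign  = "HomeNet";
    const char *hostile = "x; echo injected";
    char cmd[256];

    build_wsc_cmd_vulnerable(hostile, cmd, sizeof cmd);
    printf("vulnerable command line: %s\n", cmd);   /* the ';' survives intact */
    printf("validate_ssid(\"%s\") = %d\n", benign, validate_ssid(benign));
    printf("validate_ssid(\"%s\") = %d\n", hostile, validate_ssid(hostile));
    return 0;
}
```

The execv() path alone removes the shell from the picture; the allow-list in validate_ssid is defence in depth against the helper script itself (a leading "-" turning into an option, for instance). Real SSIDs may legitimately contain characters this list rejects, so a production handler would relax the character check and rely on argv separation, while keeping the length limit and the leading-dash check.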

PUBLISHED Reserved 2025-04-15 | Published 2025-12-03 | Updated 2025-12-03 | Assigner VulnCheck

CRITICAL: 9.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)

Problem types

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Product status

Default status
unaffected

Any version before V3.4.0-B20250430
affected

Credits

YuChieh Kuo finder

ShiYi Xie finder

Zhen-Gao Liu finder

References

www.totolink.net/...menu_listtpl/download/id/154/ids/36.html patch

totolink.tw/support_view/N300RT product

www.vulncheck.com/advisories/totolink-n300rt-boa-formwsc-rce third-party-advisory

cve.org (CVE-2025-34319)

nvd.nist.gov (CVE-2025-34319)