Home

Description

TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

PUBLISHED Reserved 2025-04-22 | Published 2025-05-01 | Updated 2025-05-02 | Assigner mitre

References

www.totolink.net

github.com/...PoE/CloudSrvUserdataVersionCheck_url/readme.md

cve.org (CVE-2025-44843)

nvd.nist.gov (CVE-2025-44843)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.