TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the setApRebootScheCfg function via the hour or minute parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Metrics
Affected Vendors & Products
References
History
Thu, 22 May 2025 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Totolink
Totolink cp900 Totolink cp900 Firmware |
|
CPEs | cpe:2.3:h:totolink:cp900:-:*:*:*:*:*:*:* cpe:2.3:o:totolink:cp900_firmware:6.3c.1144_b20190715:*:*:*:*:*:*:* |
|
Vendors & Products |
Totolink
Totolink cp900 Totolink cp900 Firmware |
Thu, 01 May 2025 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-77 | |
Metrics |
cvssV3_1
|
Thu, 01 May 2025 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the setApRebootScheCfg function via the hour or minute parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |
References |
|

Status: PUBLISHED
Assigner: mitre
Published: 2025-05-01T00:00:00.000Z
Updated: 2025-05-01T20:32:00.261Z
Reserved: 2025-04-22T00:00:00.000Z
Link: CVE-2025-44836

Updated: 2025-05-01T20:31:54.006Z

Status : Analyzed
Published: 2025-05-01T15:16:20.723
Modified: 2025-05-22T15:29:21.067
Link: CVE-2025-44836

No data.