CVE-2025-4269
published 2025-05-05CVE-2025-4269: A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi…
medium6.9CVSS 4.0
AVNACLATNPRNUINVCNVILVALSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi of the component Log Handler. The manipulation of the argument topicurl with the input clearDiagnosisLog/clearSyslog/clearTracerouteLog leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| totolink | a720r | — | — |
| totolink | a720r_firmware | — | — |