CRITICAL🇵🇱 Wersja polska

CVE-2025-52053

CVSS 9.8v3.1pub. 2025-09-15upd. 2025-09-20

TOTOLINK X6000R V9.4.0cu.1360_B20241207 was found to contain a command injection vulnerability in the sub_417D74 function via the file_name parameter. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request.

🤖 AI Analysis
How it works

The vulnerability occurs in the sub_417D74 function, where the file_name parameter is not properly validated or sanitized before being passed to an interpreted system command (CWE-77). An attacker can craft a special network request containing a malicious payload in the file_name parameter, which causes embedded commands to be executed with the privileges of the process handling the request. The attack requires no authentication or user interaction, and the network interface is directly accessible over the network.

Impact

An attacker gains the ability to remotely execute arbitrary system commands on the device, which may lead to complete takeover of the router, leakage of configuration data, modification of network traffic, or use of the device as an entry point for further lateral movement in the network.

Mitigation & patch

Apply patches available from the manufacturer according to the references. Until the update is applied, it is recommended to restrict access to the device's administrative interface only from trusted IP addresses and isolate the device from unprotected network segments.

Who is affected

TOTOLINK X6000R with firmware version V9.4.0cu.1360_B20241207

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Totolink X6000r

    HW
    Totolink
    wszystkie wersje
  • Totolink X6000r Firmware

    OS
    Totolink
    9.4.0cu.1360_b20241207
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2025-11005CRITICAL9.3PL ✓ten sam produkt

OS Command Injection w TOTOLINK X6000R — zdalne wykonanie poleceń

CVE-2025-52906CRITICAL9.3PL ✓ten sam produkt

OS Command Injection w firmware routera TOTOLINK X6000R

CVE-2024-52723CRITICAL9.8PL ✓ten sam produkt

Command injection w TOTOLINK X6000R — zdalne wykonanie poleceń bez uwierzytelnienia

CVE-2023-52038CRITICAL9.8PL ✓ten sam produkt

Command Injection w TOTOLINK X6000R — wykonanie dowolnych poleceń

CVE-2023-52039CRITICAL9.8PL ✓ten sam produkt

Command injection w TOTOLINK X6000R umożliwia zdalne wykonanie kodu