ElvisBlue/Public

Releases0

Where I public some random stuff

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-7952 ↗	Jul 22, 2025Tuesday, 22 July 2025, 03:15	6.3 MEDIUM	6.5 MEDIUM
A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748. This vulnerability affects the function ckeckKeepAlive of the file wireless.so of the component MQTT Packet Handler. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7615 ↗	Jul 14, 2025Monday, 14 July 2025, 16:15	6.3 MEDIUM	6.5 MEDIUM
A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748. Affected by this vulnerability is the function clearPairCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7613 ↗	Jul 14, 2025Monday, 14 July 2025, 15:15	6.3 MEDIUM	6.5 MEDIUM
A vulnerability was found in TOTOLINK T6 4.1.5cu.748. It has been rated as critical. This issue affects the function CloudSrvVersionCheck of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7614 ↗	Jul 14, 2025Monday, 14 July 2025, 15:15	6.3 MEDIUM	6.5 MEDIUM
A vulnerability classified as critical has been found in TOTOLINK T6 4.1.5cu.748. Affected is the function delDevice of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ipAddr leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7525 ↗	Jul 13, 2025Sunday, 13 July 2025, 10:15	6.3 MEDIUM	6.5 MEDIUM
A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7524 ↗	Jul 13, 2025Sunday, 13 July 2025, 09:15	6.3 MEDIUM	6.5 MEDIUM
A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7460 ↗	Jul 11, 2025Friday, 11 July 2025, 22:15	8.8 HIGH	9 HIGH
A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.