CVE-2025-60702 — MEDIUM (6.5)

Vulnerability Description

A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `system.so` binary. The `setDiagnosisCfg` function retrieves the `ipDoamin` parameter from user input via `websGetVar` and concatenates it directly into a `ping` system command executed via `CsteSystem()` without any sanitization. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary commands on the device through specially crafted HTTP requests to the router's web interface.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Totolink	A950Rg Firmware	5.9c.4592_b20191022
Totolink	A950Rg	-

Related Weaknesses (CWE)

CWE-77

References

https://github.com/yifan20020708/SGTaint-0-day/blob/main/ToToLink/ToToLink-A950RBroken Link
https://github.com/yifan20020708/SGTaint-0-day/blob/main/ToToLink/ToToLink-A950RExploitThird Party Advisory
https://www.totolink.net/Product

FAQ

What is CVE-2025-60702?

CVE-2025-60702 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `system.so` binary. The `setDiagnosisCfg` function retrieves the `ipDoamin` paramete...

How severe is CVE-2025-60702?

CVE-2025-60702 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-60702?

Check the references section above for vendor advisories and patch information. Affected products include: Totolink A950Rg Firmware, Totolink A950Rg.