CVE-2025-6619
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-06-25

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. Affected by this vulnerability is the function setUpgradeFW of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-06-25
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-06-25
EPSS Evaluated
2026-05-05
NVD
CVE-2025-6619
EUVD
EUVD-2025-19129
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
totolink ca300-poe_firmware 6.2c.884
totolink ca300-poe *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an OS command injection flaw in the TOTOLINK CA300-PoE router firmware version 6.2c.884. It exists in the setUpgradeFW function where the FileName parameter is not properly sanitized, allowing an attacker to remotely inject and execute arbitrary operating system commands on the device by manipulating this parameter. [1, 2]


How can this vulnerability impact me? :

The vulnerability allows remote attackers to execute arbitrary OS commands on the affected router without authentication. This can lead to unauthorized control over the device, compromising its confidentiality, integrity, and availability. Attackers could disrupt network operations, steal sensitive information, or use the device as a foothold for further attacks. [2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for unusual or suspicious requests targeting the setUpgradeFW function, especially those containing the FileName parameter with potentially malicious input. Since the vulnerability involves OS command injection via the FileName argument, detection could involve inspecting network traffic for exploit attempts or scanning the device for signs of unauthorized command execution. Specific commands are not provided in the resources, but network monitoring tools or intrusion detection systems configured to detect command injection patterns targeting the firmware upgrade process could be used. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include replacing the affected TOTOLINK CA300-PoE device running firmware version 6.2c.884 with an alternative product, as no known countermeasures or patches are documented. Limiting network exposure of the device, disabling remote firmware upgrade functionality if possible, and monitoring for exploit attempts are recommended to reduce risk until a fix is available. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart