CVE-2025-7862
BaseFortify
Publication date: 2025-07-20
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| totolink | t6_firmware | v4.1.5cu.748_b20211015 |
| totolink | t6 | 3 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7862 is a critical vulnerability in the TOTOLINK T6 router firmware version 4.1.5cu.748_B20211015. It affects the Telnet Service component, specifically the setTelnetCfg function in the /cgi-bin/cstecgi.cgi file. By manipulating the argument 'telnet_enabled' with the value '1', an attacker can enable the Telnet service remotely without any authentication. This missing authentication flaw allows unauthorized remote attackers to activate Telnet access and potentially gain root shell access on the device, leading to full system compromise. [1, 2]
How can this vulnerability impact me? :
This vulnerability can severely impact you by allowing remote attackers to enable Telnet service on your TOTOLINK T6 router without any authentication. Once Telnet is enabled, attackers can gain root shell access, compromising the confidentiality, integrity, and availability of your device. This can lead to full system compromise, unauthorized control, and potential misuse of your network device. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if the vulnerable CGI endpoint /cgi-bin/cstecgi.cgi is accessible and if the telnet service can be enabled remotely without authentication by manipulating the 'telnet_enabled' parameter. You can use network scanning tools like curl or wget to send a request to the endpoint with the parameter telnet_enabled=1 and observe if telnet is enabled. For example, a command like: curl -X POST "http://<target-ip>/cgi-bin/cstecgi.cgi" -d "setTelnetCfg&telnet_enabled=1" can be used to test if the endpoint accepts the request without authentication. Additionally, scanning for open telnet ports (usually port 23) on the device after the test can confirm if telnet was enabled. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying restrictive firewall rules to block unauthorized remote access to the vulnerable CGI endpoint /cgi-bin/cstecgi.cgi and the Telnet service port (usually port 23). Disabling Telnet service on the device if not needed is also recommended. Since the vulnerability allows remote enabling of Telnet without authentication, preventing external access to the device's management interface and the Telnet service is critical until a firmware update or patch is available. [2]