CVE-2025-70329

HIGH

8.0

Beschreibung

TOTOLink X5000R v9.1.0cu_2415_B20250515 contains an OS command injection vulnerability in the setIptvCfg handler of the /usr/sbin/lighttpd executable. The vlanVidLan1 (and other vlanVidLanX) parameters are retrieved via Uci_Get_Str and passed to the CsteSystem function without adequate validation or filtering. This allows an authenticated attacker to execute arbitrary shell commands with root privileges by injecting shell metacharacters into the affected parameters.

CVE Details

CVSS v3.1 Bewertung8.0

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorADJACENT_NETWORK

KomplexitatLOW

Erforderliche PrivilegienLOW

BenutzerinteraktionNONE

Veroffentlicht2/23/2026

Zuletzt geandert2/24/2026

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

totolink:x5000rtotolink:x5000r_firmware

Schwachen (CWE)

CWE-78

Referenzen

https://github.com/neighborhood-H/0-DAY/blob/main/Toto-link/X5000R/SetIptvCfg/report.md(cve@mitre.org)

https://www.notion.so/TOTOLINK-X5000R-SetIptvCfg-2d170566ca7f8027ad47e6b5429025fc?source=copy_link(cve@mitre.org)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.