Details of VAR-202505-1841

ID

VAR-202505-1841

CVE

CVE-2025-4850

TITLE

TOTOLINK of N300RH Injection Vulnerability in Firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-005654

DESCRIPTION

A vulnerability classified as critical has been found in TOTOLINK N300RH 6.1c.1390_B20191101. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument plugin_name leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. TOTOLINK of N300RH The firmware contains injection and command injection vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK N300RH is a long-distance wireless router from China's TOTOLINK Electronics. TOTOLINK N300RH has a command injection vulnerability, which is caused by the parameter plugin_name in the file /cgi-bin/cstecgi.cgi failing to properly filter special characters and commands in the constructed command. No detailed vulnerability details are currently provided

Trust: 2.16

sources: NVD: CVE-2025-4850 // JVNDB: JVNDB-2025-005654 // CNVD: CNVD-2025-10918

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-10918

AFFECTED PRODUCTS

vendor:	totolink	model:	n300rh	scope:	eq	version:	6.1c.1390_b20191101	Trust: 1.0
vendor:	totolink	model:	n300rh	scope:	eq	version:	n300rh firmware 6.1c.1390 b20191101	Trust: 0.8
vendor:	totolink	model:	n300rh	scope:	eq	version:	-	Trust: 0.8
vendor:	totolink	model:	n300rh	scope:	-	version:	-	Trust: 0.8
vendor:	totolink	model:	n300rh 6.1c.1390 b20191101	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2025-10918 // JVNDB: JVNDB-2025-005654 // NVD: CVE-2025-4850

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2025-4850
value:	MEDIUM
Trust: 1.0
OTHER:	JVNDB-2025-005654
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2025-10918
value:	MEDIUM
Trust: 0.6

cna@vuldb.com:	CVE-2025-4850
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
OTHER:	JVNDB-2025-005654
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2025-10918
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2025-4850
baseSeverity:	MEDIUM
baseScore:	6.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	2.8
impactScore:	3.4
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2025-005654
baseSeverity:	MEDIUM
baseScore:	6.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-10918 // JVNDB: JVNDB-2025-005654 // NVD: CVE-2025-4850

PROBLEMTYPE DATA

problemtype:	CWE-74	Trust: 1.0
problemtype:	CWE-77	Trust: 1.0
problemtype:	injection (CWE-74) [ others ]	Trust: 0.8
problemtype:	Command injection (CWE-77) [ others ]	Trust: 0.8
problemtype:	Command injection (CWE-77) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-005654 // NVD: CVE-2025-4850

EXTERNAL IDS

db:	NVD	id:	CVE-2025-4850	Trust: 3.2
db:	VULDB	id:	309321	Trust: 1.8
db:	JVNDB	id:	JVNDB-2025-005654	Trust: 0.8
db:	CNVD	id:	CNVD-2025-10918	Trust: 0.6

sources: CNVD: CNVD-2025-10918 // JVNDB: JVNDB-2025-005654 // NVD: CVE-2025-4850

REFERENCES

url:	https://vuldb.com/?id.309321	Trust: 1.8
url:	https://vuldb.com/?submit.575073	Trust: 1.8
url:	https://www.totolink.net/	Trust: 1.8
url:	https://github.com/ch13hh/tmp_store_cc/blob/main/tt/ta/m2.md	Trust: 1.6
url:	https://vuldb.com/?ctiid.309321	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-4850	Trust: 0.8

sources: CNVD: CNVD-2025-10918 // JVNDB: JVNDB-2025-005654 // NVD: CVE-2025-4850

SOURCES

db:	CNVD	id:	CNVD-2025-10918
db:	JVNDB	id:	JVNDB-2025-005654
db:	NVD	id:	CVE-2025-4850

LAST UPDATE DATE

2025-05-29T23:29:02.559000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-10918	date:	2025-05-28T00:00:00
db:	JVNDB	id:	JVNDB-2025-005654	date:	2025-05-26T04:58:00
db:	NVD	id:	CVE-2025-4850	date:	2025-05-24T00:57:35.620

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-10918	date:	2025-05-28T00:00:00
db:	JVNDB	id:	JVNDB-2025-005654	date:	2025-05-26T00:00:00
db:	NVD	id:	CVE-2025-4850	date:	2025-05-18T03:15:23.280