ID

VAR-202511-0869


CVE

CVE-2025-60702


TITLE

TOTOLINK A950RG Command Injection Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-29714

DESCRIPTION

A command injection vulnerability exists in the TOTOLINK A950RG router firmware V5.9c.4592_B20191022_ALL, within the `system.so` binary. The `setDiagnosisCfg` function retrieves the `ipDoamin` parameter from user input via `websGetVar` and concatenates it directly into a `ping` system command that is executed via `CsteSystem()`, without any sanitization. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary commands on the device through specially crafted HTTP requests to the router's web interface. The TOTOLINK A950RG is a next-generation Gigabit wireless router launched by TOTOLINK, a Chinese electronics company, supporting high-speed network connectivity and multi-device management. This vulnerability stems from the `system.so` binary's failure to properly filter special characters and commands used in command construction. Detailed vulnerability information is currently unavailable.

Trust: 1.44

sources: NVD: CVE-2025-60702 // CNVD: CNVD-2025-29714

IOT TAXONOMY

category: Network device
sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-29714

AFFECTED PRODUCTS

vendor: totolink
model: a950rg
scope: eq
version: 5.9c.4592_b20191022

Trust: 1.0

vendor: totolink
model: a950rg v5.9c.4592 b20191022 all
scope: -
version: -

Trust: 0.6

sources: CNVD: CNVD-2025-29714 // NVD: CVE-2025-60702

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-60702
value: MEDIUM

Trust: 1.0

CNVD: CNVD-2025-29714
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2025-29714
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-60702
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.5
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2025-29714 // NVD: CVE-2025-60702

PROBLEMTYPE DATA

problemtype: CWE-77

Trust: 1.0

sources: NVD: CVE-2025-60702

EXTERNAL IDS

db: NVD
id: CVE-2025-60702

Trust: 1.6

db: CNVD
id: CNVD-2025-29714

Trust: 0.6

sources: CNVD: CNVD-2025-29714 // NVD: CVE-2025-60702

REFERENCES

url: https://github.com/yifan20020708/sgtaint-0-day/blob/main/totolink/totolink-a950rg/1.md

Trust: 1.6

url: https://www.totolink.net/

Trust: 1.0

url: https://github.com/yifan20020708/sgtaint-0-day/blob/main/totolink/totolink-a950rg/cve-2025-60702.md

Trust: 1.0

sources: CNVD: CNVD-2025-29714 // NVD: CVE-2025-60702

SOURCES

db: CNVD  id: CNVD-2025-29714
db: NVD  id: CVE-2025-60702

LAST UPDATE DATE

2025-12-19T22:50:29.393000+00:00


SOURCES UPDATE DATE

db: CNVD  id: CNVD-2025-29714  date: 2025-12-03T00:00:00
db: NVD  id: CVE-2025-60702  date: 2025-11-18T01:49:21.647

SOURCES RELEASE DATE

db: CNVD  id: CNVD-2025-29714  date: 2025-12-02T00:00:00
db: NVD  id: CVE-2025-60702  date: 2025-11-13T20:15:52.923