High severity7.3NVD Advisory· Published Jul 20, 2025· Updated Apr 29, 2026
CVE-2025-7862
CVE-2025-7862
Description
A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument telnet_enabled with the input 1 leads to missing authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Affected products
1- cpe:2.3:o:totolink:t6_firmware:v4.1.5cu.748_b20211015:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- github.com/AnduinBrian/Public/blob/main/Totolink%20T6/Vuln/5.mdnvdExploitThird Party Advisory
- github.com/AnduinBrian/Public/blob/main/Totolink%20T6/Vuln/5.mdnvdExploitThird Party Advisory
- www.youtube.com/watchnvdExploit
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdPermissions Required
- www.totolink.netnvdProduct
News mentions
0No linked articles in our index yet.