CVE-2025-44854 – Totolink CP900 Command Injection Vulnerability

May 1, 2025

CVE ID : CVE-2025-44854

Published : May 1, 2025, 2:15 p.m. | 1 hour, 10 minutes ago

Description : Totolink CP900 V6.3c.1144_B20190715 was found to contain a command injection vulnerability in the setUpgradeUboot function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleThe AI-Powered DevOps revolution: Redefining developer collaboration

Next Article CVE-2025-44835 – D-Link DIR-816 Command Injection Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft Bing is stealing tens of millions of Google’s search users according to the latest data

Microsoft could bring Elon Musk’s Grok AI model to Azure — Cozying up with OpenAI’s arch-nemesis xAI for its AI Foundry

Grand Theft Auto 6 has been DELAYED — will now miss 2025 launch window entirely

Satya Nadella says Microsoft’s AI model performance is “doubling every 6 months”, despite the estranged OpenAI partnership

JavaScript Pulse: Weekly Dev Digest – May 2, 2025

JavaScript Pulse: Weekly Dev Digest – May 2, 2025

Making V8 eager to compile your JavaScript

Unlock More from Salesforce with the PrecisionIQ Assessment

Microsoft Bing is stealing tens of millions of Google’s search users according to the latest data

Microsoft Bing is stealing tens of millions of Google’s search users according to the latest data

Microsoft could bring Elon Musk’s Grok AI model to Azure — Cozying up with OpenAI’s arch-nemesis xAI for its AI Foundry

Grand Theft Auto 6 has been DELAYED — will now miss 2025 launch window entirely

CVE-2025-44854 – Totolink CP900 Command Injection Vulnerability

CISA Adds Two New Exploited Vulnerabilities to Its Catalog: CVE-2024-38475 and CVE-2023-44221

Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)

Sam Altman says the “biblical demand” for ChatGPT-4o’s Ghibli memes has added one million users in just one hour, but “chill out a bit — our GPUs are melting”

US Coast Guard told to improve its cybersecurity, after warning raised that hacked ports could cost $2 billion per day

Error Corrupt System File 634 (0x27A): Fix it in 5 Steps

Best Free and Open Source Alternatives to Apple iMovie

Mozilla collabora con Ecosia per un web migliore

The product design process

How we test portable power stations at ZDNET in 2024

No cash, just exposure: Appleâ€™s unique deal to bring ChatGPT to its platforms

CVE-2025-44854 – Totolink CP900 Command Injection Vulnerability

Related Posts