CVE-2025-6619 – TOTOLINK CA300-PoE Command Injection Vulnerability

June 25, 2025

CVE ID : CVE-2025-6619

Published : June 25, 2025, 6:15 p.m. | 24 minutes ago

Description : A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. Affected by this vulnerability is the function setUpgradeFW of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5832 – Pioneer DMH-WT7600NEX Code Execution Vulnerability

Next Article CVE-2025-6618 – TOTOLINK CA300-PoE OS Command Injection Vulnerability

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

The coming AI smartphone: Redefining personal tech

Modern React animation libraries: Real examples for engaging UIs

How Debian 13’s little improvements add up to the distro’s surprisingly big leap forward

Why xAI is giving you ‘limited’ free access to Grok 4

How Apple may revamp Siri to a voice assistant I’d actually use (and ditch Gemini for)

I jump-started a bus from the 1930s with this power bank – here’s the verdict

Laravel’s UsePolicy Attribute: Explicit Authorization Control

Laravel’s UsePolicy Attribute: Explicit Authorization Control

The Laravel Way to Build AI Agents That Actually Work

The Laravel Way to Build AI Agents That Actually Work

Microsoft sued over killing support for Windows 10

Microsoft sued over killing support for Windows 10

Grok 4 rolled out for free-tier users worldwide, with some limits

Firefox AI slammed for hogging CPU and draining battery

CVE-2025-6619 – TOTOLINK CA300-PoE Command Injection Vulnerability

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

BadCam Attack Turns Trusted Linux Webcams into Stealthy USB Weapons

Critical Windows Update Stack Vulnerability Allows Code Execution & Privilege Escalation

Stability AI Introduces Adversarial Relativistic-Contrastive (ARC) Post-Training and Stable Audio Open Small: A Distillation-Free Breakthrough for Fast, Diverse, and Efficient Text-to-Audio Generation Across Devices

Best Telemedicine Apps That are Changing Remote Healthcare in 2025

CVE-2025-6291 – D-Link DIR-825 HTTP POST Request Handler Stack-Based Buffer Overflow Vulnerability

CVE-2025-37730 – Logstash SSL Verification MitM Vulnerability

Cisco fixes two critical make-me-root bugs on Identity Services Engine components

CVE-2025-47964 – Microsoft Edge (Chromium-based) URI Spoofing

Xbox Game Pass gets DOOM: The Dark Ages, Revenge of the Savage Planet, a returning Warhammer game, and more

CVE-2025-6619 – TOTOLINK CA300-PoE Command Injection Vulnerability

Related Posts