CVE-2025-6621

moderate-risk

Published 2025-06-25

A vulnerability classified as critical has been found in TOTOLINK CA300-PoE 6.2c.884. This affects the function QuickSetting of the file ap.so. The manipulation of the argument hour/minute leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Do I need to act?

2.2% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.3/10 Medium

NETWORK / LOW complexity

Affected Products (1)

Ca300-Poe Firmware

Affected Vendors

Totolink

References (8)

Exploit https://github.com/wudipjq/my_vuln/blob/main/totolink4/vuln_47/47.md

Exploit https://github.com/wudipjq/my_vuln/blob/main/totolink4/vuln_47/47.md#poc

Permissions Required https://vuldb.com/?ctiid.313839

Third Party Advisory https://vuldb.com/?id.313839

Third Party Advisory https://vuldb.com/?submit.602266

Product https://www.totolink.net/

Exploit https://github.com/wudipjq/my_vuln/blob/main/totolink4/vuln_47/47.md

Exploit https://github.com/wudipjq/my_vuln/blob/main/totolink4/vuln_47/47.md#poc

/ 100

moderate-risk

Severity 23/34 · High

Exploitability 5/34 · Minimal

Exposure 5/34 · Minimal