An issue in TOTOLINK x18 v.9.1.0cu.2024_B20220329 allows a remote attacker to execute arbitrary code via the sub_410E54 function of the cstecgi.cgi.
2025-04-03T20:15:24.117
2025-04-29T16:22:36.443
Analyzed
CVSSv3.1: 9.8 (CRITICAL)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | totolink | x18_firmware | 9.1.0cu.2024_b20220329 | Yes |
| Hardware | totolink | x18 | - | No |