Primary

Context

TOTOLINK X15 Command Injection Vulnerability in formMapReboot Function

Vulnerability

A critical command injection vulnerability has been identified in the TOTOLINK X15 router, specifically in version 1.0.0-B20230714.1105. The issue arises in the formMapReboot function within the file /boafrm/formMapReboot. The vulnerability is triggered by manipulating the deviceMacAddr argument, which lacks proper input validation, allowing for arbitrary command execution. This vulnerability can be exploited remotely.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the affected device.

Reproduction

The vulnerability can be reproduced by sending a POST request to the /boafrm/formMapReboot endpoint. The request must include a deviceMacAddr parameter with a crafted value that exploits the lack of input validation. This can be done using a standard web browser or a tool that allows for HTTP request manipulation, such as Burp Suite or Postman.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.6

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.6

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TOTOLINK X15 Command Injection Vulnerability in formMapReboot Function

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating