- Description
- TOTOLINK X18 V9.1.0cu.2053_B20230309 was discovered to contain a command injection vulnerability via the mac parameter in the setEasyMeshAgentCfg function.
- Source
- cve@mitre.org
- NVD status
- Modified
- Products
- x18_firmware
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- Hype score
- Not currently trending
Google fixed 40+ vulns in Oct 2025 bulletin, including a Chrome renderer RCE (CVE-2025-61045) that chains to full compromise. Pixel users, OTA now. Sideloading risks? Always scan APKs first. Who’s your go-to verifier app? #Hacking #CyberSecurity #Android https://t.co/lRYXoWVBIC
@cr34t0r_Cyxac
26 Oct 2025
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-61045 TOTOLINK X18 V9.1.0cu.2053_B20230309 was discovered to contain a command injection vulnerability via the mac parameter in the setEasyMeshAgentCfg function. https://t.co/o08TJfryS6
@CVEnew
1 Oct 2025
354 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:totolink:x18_firmware:9.1.0cu.2053_b20230309:*:*:*:*:*:*:*",
"matchCriteriaId": "687EE3F9-E0C2-4BA5-92C9-E7465882B798",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:totolink:x18:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D9B188-E15C-4915-848A-4F6C2E6EB067",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
]