Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
8DescriptionCVE.org
A flaw has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.
AnalysisAI
Remote code execution in Totolink N300RH firmware 6.1c.1353_B20190305 allows unauthenticated network attackers to execute arbitrary OS commands via command injection in the FileName parameter of the setUpgradeUboot function in upgrade.so. Publicly available exploit code exists for this vulnerability, which carries a CVSS 6.9 score reflecting network-accessible attack vector with low complexity and no authentication requirements.
Technical ContextAI
The vulnerability exists in the upgrade.so library within the Totolink N300RH router firmware, specifically in the setUpgradeUboot function that handles firmware upgrade operations. The flaw is classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command), meaning the function fails to properly sanitize or validate the FileName parameter before passing it to OS command execution routines. This allows an attacker to inject shell metacharacters or command sequences into what should be a filename, causing the underlying shell to interpret and execute injected commands with the privileges of the firmware process. The affected CPE is cpe:2.3:a:totolink:n300rh:*:*:*:*:*:*:*:*, indicating all versions of the N300RH product line are potentially affected, with confirmed vulnerability in firmware version 6.1c.1353_B20190305.
RemediationAI
Contact Totolink for current firmware updates for the N300RH model, as patched firmware versions should be available from https://www.totolink.net/. Upgrade the device to the latest available firmware release, which should address the command injection flaw in the setUpgradeUboot function. As an interim mitigation, restrict network access to the router's web management interface and firmware upgrade endpoints using firewall rules or local network segmentation, and consider disabling the upgrade function entirely if not actively needed. For organizations with multiple N300RH devices, implement inventory control to identify and remediate all affected units before they can be exploited.
OS command injection in the Totolink N300RH router (firmware 6.1c.1353_B20190305) allows remote unauthenticated attacker
Stack-based buffer overflow in the Totolink N300RH router (firmware 6.1c.1353_B20190305) allows remote attackers to corr
Remote unauthenticated attackers can execute arbitrary code on Totolink N300RH routers version 3.2.4-B20220812 by sendin
Remote authenticated attackers can execute arbitrary code on Totolink N300RH 3.2.4-B20220812 routers via buffer overflow
Buffer overflow in Totolink N300RH router firmware 3.2.4-B20220812 allows authenticated remote attackers to achieve comp
Buffer overflow in Totolink N300RH router firmware 3.2.4-B20220812 enables authenticated remote attackers to achieve cod
External file inclusion in Totolink N300RH firmware 6.1c.1353_B20190305 allows remote unauthenticated attackers to manip
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-21851
GHSA-3cm3-qfjh-c5x9