- Manufacturer's website information:https://www.totolink.net/
- Firmware download address :https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/247/ids/36.html
- Version :TOTOLINK X6000R V9.4.0cu.652_B20230116、TOTOLINK X6000R V9.4.0cu.852_B20230719
TOTOLINK X6000R (V9.4.0cu.652_B20230116)was found to contain a command insertion vulnerability in setting/setTracerouteCfg.This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter.