Neighborhood-Hacker Team

3 exploits, active since Feb 2026
CVE-2025-70327 (Critical): writeup, working PoC
TOTOLINK X5000R v9.1.0cu_2415_B20250515 - Command Injection
TOTOLINK X5000R v9.1.0cu_2415_B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without checking whether the input starts with a hyphen (-). This allows remote authenticated attackers to inject arbitrary command-line options into the ping utility, potentially leading to a Denial of Service (DoS) through excessive resource consumption or prolonged execution.
CVSS 9.8
CVE-2025-70328 (High): writeup, working PoC
TOTOLINK X6000R v9.4.0cu.1498_B20250826 - Command Injection
TOTOLINK X6000R v9.4.0cu.1498_B20250826 contains an OS command injection vulnerability in the NTPSyncWithHost handler of the /usr/sbin/shttpd executable. The host_time parameter is retrieved via sub_40C404 and passed to a date -s shell command through CsteSystem. While the first two tokens of the input are validated, the remainder of the string is not sanitized, allowing authenticated attackers to execute arbitrary shell commands via shell metacharacters.
CVSS 8.8
CVE-2025-70329 (High): writeup
TOTOLINK X5000R v9.1.0cu_2415_B20250515 - Command Injection
TOTOLINK X5000R v9.1.0cu_2415_B20250515 contains an OS command injection vulnerability in the setIptvCfg handler of the /usr/sbin/lighttpd executable. The vlanVidLan1 parameter (and the other vlanVidLanX parameters) are retrieved via Uci_Get_Str and passed to the CsteSystem function without adequate validation or filtering. This allows an authenticated attacker to execute arbitrary shell commands with root privileges by injecting shell metacharacters into the affected parameters.
CVSS 8.0