A security flaw has been identified in the TOTOLINK X5000R router, specifically within the 'snprintf' function located in the '/cgi-bin/cstecgi.cgi?action=exportOvpn&type=user' endpoint. This vulnerability can be exploited by attackers to inject arbitrary commands into the system, potentially allowing for remote code execution. As the exploit has been publicly disclosed, affected users should take immediate action to mitigate risks associated with this security issue.
https://securityvulnerability.io/vulner ... 2025-14586