TOTOLINK wireless ceiling mount access point devices running firmware version V5.3c.6665_B20180820 and prior contain a command injection vulnerability in the firmware upgrade handling logic. The recvUpgradeNewFw function improperly handles user-supplied input passed via the fwUrl parameter in conjunction with the newSvn parameter, without adequate input sanitization. This allows an authenticated attacker to inject and execute arbitrary system commands during the firmware upgrade process. CVE-2025-44846 is potentially a duplicate of CVE-2025-44862. Exploitation evidence was first observed by the Shadowserver Foundation on 2026-01-20 (UTC).
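The defect described above is the classic pattern of a URL and a version string flowing from an HTTP request into a shell command line. The following is an added example, written for this page and not TOTOLINK's code, of how an upgrade handler can treat such parameters safely: strictly allow-list the raw strings, parse the URL structurally, and hand the downloader an argv list rather than a shell string. The function and parameter names (validate_fw_url, validate_svn, build_download_argv) and the use of curl as the download tool are assumptions for illustration.

```python
import re
import subprocess
from urllib.parse import urlparse

# Hypothetical handler for the fwUrl / newSvn parameters, modelled on the
# advisory's description; nothing here is the vendor's implementation.

# Raw allow-lists, checked before any parsing. Shell metacharacters
# (; & | $ ` ( ) < > quotes, whitespace, newlines) are simply not present.
_RAW_URL_RE = re.compile(r"[A-Za-z0-9._/:-]+")
_HOST_RE = re.compile(r"(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,63}")
_PATH_RE = re.compile(r"/[A-Za-z0-9._/-]*")
_SVN_RE = re.compile(r"[0-9]{1,8}")


class UpgradeInputError(ValueError):
    """Raised when a firmware-upgrade parameter fails validation."""


def validate_fw_url(fw_url: str) -> str:
    """Return fw_url unchanged only if it is a plain https URL with a
    well-formed host name and a .bin path built from allow-listed
    characters. The raw check runs first so that bytes a URL parser
    might silently drop or normalise can never survive into the value
    we return."""
    if not isinstance(fw_url, str) or not 0 < len(fw_url) <= 512:
        raise UpgradeInputError("fwUrl missing or too long")
    if not _RAW_URL_RE.fullmatch(fw_url):
        raise UpgradeInputError("fwUrl contains disallowed characters")
    parts = urlparse(fw_url)
    if parts.scheme != "https":
        raise UpgradeInputError("fwUrl must use https")
    try:
        port = parts.port
    except ValueError as exc:
        raise UpgradeInputError("fwUrl port is not well formed") from exc
    if parts.username or parts.password or port is not None:
        raise UpgradeInputError("fwUrl must not carry credentials or a port")
    if parts.params or parts.query or parts.fragment:
        raise UpgradeInputError("fwUrl must not carry params, query or fragment")
    if not parts.hostname or not _HOST_RE.fullmatch(parts.hostname):
        raise UpgradeInputError("fwUrl host name is not well formed")
    if (not _PATH_RE.fullmatch(parts.path) or ".." in parts.path
            or not parts.path.endswith(".bin")):
        raise UpgradeInputError("fwUrl path is not an acceptable image path")
    return fw_url


def validate_svn(new_svn: str) -> int:
    """newSvn is only ever used as a number, so accept nothing but a
    short run of decimal digits and return it as an int."""
    if not isinstance(new_svn, str) or not _SVN_RE.fullmatch(new_svn):
        raise UpgradeInputError("newSvn must be a short decimal number")
    return int(new_svn)


def build_download_argv(fw_url: str, new_svn: str, dest_dir: str = "/tmp/fw") -> list:
    """Build the downloader's argument vector from validated inputs.
    Each value is its own argv element; no shell ever sees the string,
    so even a value that slipped past validation could not become a
    second command."""
    url = validate_fw_url(fw_url)
    svn = validate_svn(new_svn)
    dest = f"{dest_dir}/upgrade-{svn}.bin"
    return ["curl", "--fail", "--silent", "--show-error",
            "--output", dest, "--url", url]


def run_upgrade_download(fw_url: str, new_svn: str, runner=subprocess.run):
    """Execute the download with shell=False (the default for a list argv).
    The runner is injectable so the logic can be exercised offline."""
    argv = build_download_argv(fw_url, new_svn)
    return runner(argv, shell=False, check=True)


if __name__ == "__main__":
    # Constructed sample request values; printing the argv instead of
    # fetching anything keeps this runnable without network access.
    print(build_download_argv("https://fw.example.com/images/ap-5.3c.bin", "6665"))
```

The contrast with a vulnerable handler is the command construction step: formatting the two parameters into one string that is passed to `system()` or `popen()` lets every shell metacharacter in them reach the shell, whereas an argv list makes the URL a single opaque argument no matter what it contains. Validation on top of that is defence in depth, not the primary control.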