Product
Totolink N300RH version 6.1c.1353_B20190305 is vulnerable to remote command injection via manipulation of the 'admpass' argument in the setPasswordCfg function of the /cgi-bin/cstecgi.cgi file within the Web Management Interface, allowing for remote code execution.