TOTOLINK N600R is a wireless router from Taiwan-based TOTOLINK Electronics. TOTOLINK N600R has a command injection vulnerability, which originates from the βMainβ function containing command injection, and can be exploited to execute arbitrary commands via the QUERY_STRING parameter.