Buffer Overflow Vulnerability in TOTOLink X6000R Routers
CVE-2025-25524

5.1MEDIUM

Key Information:

Vendor: TOTOLink
Status: X6000R
Vendor: CVE Published:; 11 February 2025

Summary

A buffer overflow vulnerability exists in TOTOLink X6000R routers due to insufficient length verification in the handling of Wi-Fi filtering rules. This oversight can be exploited by attackers to crash the affected router or execute arbitrary commands remotely, which poses a significant security risk to users relying on these devices for network connectivity.

References

https://gist.github.com/XiaoCurry/ce1f80afd2d8be8ca543437...

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 11, 2025
Vulnerability Reserved
Feb 7, 2025