Hardcoded Password Vulnerability in TOTOLINK A810R Router
CVE-2025-28031

6.5MEDIUM

Key Information:

Vendor: TOTOLINK
Status: A810R
Vendor: CVE Published:; 22 April 2025

Summary

The TOTOLINK A810R router presents a security risk due to a hardcoded password for the telnet service found in the product's configuration file. This vulnerability could allow unauthorized access to the device, compromising the integrity of the network it serves. Users are urged to review their device configurations and implement security measures to mitigate potential threats.

References

https://locrian-lightning-dc7.notion.site/Hard-code-Passw...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 22, 2025
Vulnerability Reserved
Mar 11, 2025