Buffer Overflow Vulnerability in TOTOLINK A810R Product by TOTOLINK
CVE-2025-28135

7.5HIGH

Key Information:

Vendor: TOTOLINK
Status: TOTOLINK A810R
Vendor: CVE Published:; 27 March 2025

Summary

The TOTOLINK A810R version V4.1.2cu.5182_B20201026 is prone to a buffer overflow vulnerability in the 'downloadFile.cgi' file, which could allow attackers to execute arbitrary code, leading to potential unauthorized access and manipulation of the device. Implementing security measures and applying the latest updates is essential to mitigate this risk.

References

https://sudsy-eyeliner-a59.notion.site/BufferOverflow-V4-...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 27, 2025
Vulnerability Reserved
Mar 11, 2025