Improper Input Validation in TOTOLINK X6000R Router
CVE-2025-52905

7HIGH

Key Information:

Vendor: Totolink
Status: X6000r
Vendor: CVE Published:; 23 September 2025

What is CVE-2025-52905?

A vulnerability in the TOTOLINK X6000R router permits improper input validation, which can lead to flooding attacks. This issue is present in specific firmware versions, thereby impacting the router's security and potentially allowing unauthorized access to network resources. Users are advised to update their firmware to the latest version to mitigate this risk.

Affected Version(s)

X6000R 0

References

https://www.totolink.net/home/menu/detail/menu_listtpl/do...

https://github.com/PaloAltoNetworks/u42-vulnerability-dis...

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 23, 2025
Vulnerability Reserved
Jun 21, 2025

JSON

Totolink

What is CVE-2025-52905?

Affected Version(s)

References

CVSS V4

Timeline