Stack Overflow Vulnerability in TOTOLink A7000R Router
CVE-2025-63153

7.5HIGH

Key Information:

Vendor: TOTOLink
Status: A7000R
Vendor: CVE Published:; 10 November 2025

What is CVE-2025-63153?

The TOTOLink A7000R router has a stack overflow vulnerability stemming from improper handling of the 'ssid' parameter in the 'urldecode' function. This weakness can be exploited by malicious actors to send crafted requests, leading to potential Denial of Service (DoS) conditions, thereby impacting the availability of the device.

References

https://github.com/0-fool/VulnbyCola/blob/main/TOTOLINK/A...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 10, 2025
Vulnerability Reserved
Oct 27, 2025

JSON