Stack Overflow Vulnerability in TOTOLink A7000R Router
CVE-2025-63154

Currently unrated

Key Information:

Vendor: TOTOLink
Status: A7000R
Vendor: CVE Published:; 10 November 2025

What is CVE-2025-63154?

The TOTOLink A7000R router has been found to have a stack overflow vulnerability in the urldecode function, specifically within the addEffect parameter. Attackers can exploit this flaw by sending a specially crafted POST request, potentially leading to Denial of Service (DoS) conditions. Users of the affected version should prioritize applying necessary security updates to mitigate any risks associated with this vulnerability.

References

https://github.com/0-fool/VulnbyCola/blob/main/TOTOLINK/A...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 10, 2025
Vulnerability Reserved
Oct 27, 2025

JSON