Backdoor Vulnerability in TOTOLINK N350R Telnet Service
CVE-2025-8938

5.3MEDIUM

Key Information:

Vendor: Totolink
Status: N350r
Vendor: CVE Published:; 14 August 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-8938?

A critical security flaw exists in the TOTOLINK N350R router, specifically within the Telnet Service's formSysTel function. An attacker can manipulate the TelEnabled argument to create a backdoor within the system, enabling unauthorized access. This vulnerability can be leveraged remotely, posing a significant threat to users as the exploit has been publicly disclosed and could be deployed by malicious actors.

Affected Version(s)

N350R 1.2.3-B20130826

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-8938 - Proof of Concept

References

https://vuldb.com/?id.319901

vdb-entrytechnical-description

https://vuldb.com/?ctiid.319901

signaturepermissions-required

https://vuldb.com/?submit.631837

third-party-advisory

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Aug 14, 2025
👾
Exploit known to exist
Aug 14, 2025
Vulnerability published
Aug 14, 2025
Vulnerability Reserved
Aug 13, 2025

Credit

rew1X (VulDB User)

Totolink