CVE-2025-28027
CVSS 3.1 Score 7.3 of 10 (high)
Details
Summary
CVE-2025-28027: A buffer overflow vulnerability has been identified in the downloadFile.cgi component of TOTOLINK routers with firmware versions V4.1.2cu.5182_B20201102 (A830R V4), V4.1.2cu.5161_B20200903 (A950RG V4), V5.9c.5185_B20201128 (A3000RU V5.9), and V4.1.2cu.5247_B20211129 (A3100R V4). Exploitation of this vulnerability could lead to arbitrary code execution, potentially enabling attackers to gain unauthorized access to affected devices. Users are strongly advised to update their router firmware to the latest version as soon as possible to mitigate this risk.
Affected Vendors
- TOTOLINK