CVE-2025-28135

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Mar 27, 2025

Updated: Apr 15, 2025

CWE ID 121

Summary

CVE-2025-28135: A buffer overflow vulnerability has been identified in the TOTOLINK A810R V4.1.2cu.5182_B20201026 firmware, specifically in the "downloadFile.cgi" component. An attacker could exploit this flaw by sending specially crafted data to the affected device, leading to memory corruption and potential code injection. Successful exploitation could result in unauthorized access, data theft, or even device takeover. Users are advised to upgrade to a patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

TOTOLINK

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/4N-jug
https://www.cve.org/CVERecord?id=CVE-2025-28135
https://nvd.nist.gov/vuln/detail/CVE-2025-28135

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2025-28135

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations