Critical severity9.8NVD Advisory· Published Apr 22, 2025· Updated Jun 17, 2026
CVE-2025-28035
CVE-2025-28035
Description
TOTOLINK A830R V4.1.2cu.5182_B20201102 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.
Affected products
2Patches
Vulnerability mechanics
References
2- locrian-lightning-dc7.notion.site/CVE-2025-28035-CVE-2025-28036-RCE1-1a98e5e2b1a28081880dd817104b3af4nvdExploitThird Party Advisory
- locrian-lightning-dc7.notion.site/RCE1-1a98e5e2b1a28081880dd817104b3af4nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.