Unrated severityNVD Advisory· Published Apr 22, 2025· Updated Apr 23, 2025

CVE-2025-28037

Description

TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter.

Affected products

TOTOLINK/A810Rdescription
Totolink/A950RGllm-fuzzy
Range: = V4.1.2cu.5161_B20200903
Totolink/A810Rllm-fuzzy
Range: = V4.1.2cu.5182_B20201026

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

locrian-lightning-dc7.notion.site/RCE3-1ad8e5e2b1a280e192e8cff9fef896ccmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000