Critical severity9.8NVD Advisory· Published Apr 22, 2025· Updated Jun 17, 2026
CVE-2025-28037
CVE-2025-28037
Description
TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter.
Affected products
3Patches
Vulnerability mechanics
References
1- locrian-lightning-dc7.notion.site/RCE3-1ad8e5e2b1a280e192e8cff9fef896ccnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.