[CVE-ID]

CVE-2025-28025

[PRODUCT]

TOTOLINK

[Vendor of Product]

https://www.totolink.net/

[VERSION]

A830R V4.1.2cu.5182_B20201102

A950RG V4.1.2cu.5161_B20200903

A3000RU V5.9c.5185_B20201128

A3100R V4.1.2cu.5247_B20211129

[Firmware]

https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/184/ids/36.html

https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/167/ids/36.html

https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/168/ids/36.html

https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/170/ids/36.html

[Vulnerability Type]

Buffer Overflow

[Description]

TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in the downloadFile.cgi