CVE-2025-28032

Name of the Vulnerable Software and Affected Versions TOTOLINK A800R version 4.1.2cu.5137 B20200730 TOTOLINK A810R version 4.1.2cu.5182 B20201026 TOTOLINK A830R version 4.1.2cu.5182 B20201102 TOTOLINK A950RG version 4.1.2cu.5161 B20200903 TOTOLINK A3000RU version 5.9c.5185 B20201128 TOTOLINK A3100R version 4.1.2cu.5247 B20211129

Description The issue is a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpForm parameter. This vulnerability affects multiple TOTOLINK router models.

Recommendations For TOTOLINK A800R version 4.1.2cu.5137 B20200730, consider disabling the setNoticeCfg function until a patch is available. For TOTOLINK A810R version 4.1.2cu.5182 B20201026, restrict access to the IpForm parameter in the affected API endpoint until the issue is resolved. For TOTOLINK A830R version 4.1.2cu.5182 B20201102, avoid using the IpForm parameter in the setNoticeCfg function until a fix is provided. For TOTOLINK A950RG version 4.1.2cu.5161 B20200903, temporarily disable the setNoticeCfg function to minimize the risk of exploitation. For TOTOLINK A3000RU version 5.9c.5185 B20201128, restrict access to the vulnerable module related to the setNoticeCfg function until a patch is available. For TOTOLINK A3100R version 4.1.2cu.5247 B20211129, consider applying configuration changes to limit the exposure of the IpForm parameter until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.