CVE-2025-5515

Name of the Vulnerable Software and Affected Versions TOTOLINK X2000R version 1.0.0-B20230726.1108

Description A critical issue has been found in the software, affecting some unknown functionality of the file /boafrm/formMapDel. The manipulation of the argument devicemac1 leads to command injection. This issue can be exploited remotely.

Recommendations For TOTOLINK X2000R version 1.0.0-B20230726.1108, as a temporary workaround, consider restricting access to the /boafrm/formMapDel file and avoid using the devicemac1 argument in the affected functionality until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.