PT-2025-25590 · Totolink · Totolink T10

Ysnysnysn0121 · Published 2025-06-09 · Updated 2025-06-26 · CVE-2025-6139

CVSS v2.0: 4.0 (Medium)
Vector: AV:A/AC:H/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions
TOTOLINK T10 version 4.1.8cu.5207

Description
An issue has been found that affects some unknown functionality of the file /etc/shadow.sample. It leads to the use of a hard-coded password. The attack can only be initiated from within the local network and has a rather high complexity, making exploitation difficult.

Recommendations
For TOTOLINK T10 version 4.1.8cu.5207, consider changing the hard-coded password in the /etc/shadow.sample file to a unique and secure password to mitigate the risk of exploitation. Additionally, restrict access to the local network to minimize the attack surface. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
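
A check for the condition described above, as an added example that is not part of the original advisory or of the vendor's firmware: it parses a shadow-format file taken from an unpacked firmware image and reports every account whose password field is empty or holds a usable hash shipped in the image. The sample entries are constructed, and the function names are this example's own.

```python
import re

# Constructed sample in shadow(5) format; NOT the real contents of the T10 file.
SAMPLE = """\
root:$1$EXAMPLE0$AAAAAAAAAAAAAAAAAAAAAA:0:0:99999:7:::
admin:AAAAAAAAAAAAA:0:0:99999:7:::
guest::0:0:99999:7:::
daemon:*:0:0:99999:7:::
nobody:!:0:0:99999:7:::
"""

# crypt(3) scheme identifiers found between the first two '$' characters.
SCHEMES = {"1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}
LEGACY = {"descrypt", "md5crypt"}
DES_RE = re.compile(r"[./0-9A-Za-z]{13}")  # traditional DES crypt output

def classify(field):
    """Return (status, scheme) for the password field of one shadow entry."""
    if field == "":
        return "empty", None                  # account has no password at all
    if field[0] in "!*":
        return "locked", None                 # password login disabled
    if field.startswith("$"):
        return "hash", SCHEMES.get(field.split("$")[1], "unknown")
    if DES_RE.fullmatch(field):
        return "hash", "descrypt"
    return "locked", None                     # not valid crypt output

def audit(text):
    """Return (user, issue, scheme) for each entry that ships a credential."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        cols = line.split(":")
        if len(cols) < 2:
            findings.append((f"line {n}", "malformed entry", None))
            continue
        status, scheme = classify(cols[1])
        if status == "empty":
            findings.append((cols[0], "no password set", None))
        elif status == "hash":
            legacy = " (legacy scheme)" if scheme in LEGACY else ""
            findings.append((cols[0], "hard-coded hash" + legacy, scheme))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Any finding from a file inside a firmware image means the same credential is present on every device running that build, which is why the recommendation is to replace it with a unique password per device.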

Related Identifiers

BDU:2025-07370
CVE-2025-6139

Affected Products

Totolink T10