PT-2025-39313 · Totolink · Totolink X6000R

Published: 2025-09-24 · Updated: 2025-10-01 · CVE-2025-52907

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

TOTOLINK X6000R versions through V9.4.0cu.1360 B20241207

Description

The software contains an improper input validation issue that can lead to command injection and file manipulation. The vulnerability exists due to insufficient validation of user-supplied input. This allows an attacker to inject arbitrary commands and manipulate files on the system. There is no information about the number of potentially affected devices or any real-world incidents where this issue was exploited.

Recommendations

Update TOTOLINK X6000R to a version later than V9.4.0cu.1360 B20241207.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2025-12684
CVE-2025-52907

Affected Products

Totolink X6000R