PT-2025-41240 · Totolink · Totolink N600R

Z472421519 · Published 2025-10-08 · Updated 2025-10-13 · CVE-2025-11444

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

TOTOLINK N600R versions prior to 4.3.0cu.7866 B20220506

Description

A buffer overflow issue exists in TOTOLINK N600R. The issue is located in the setWiFiBasicConfig function within the /cgi-bin/cstecgi.cgi file of the HTTP Request Handler component. Manipulation of the wepkey argument can trigger the buffer overflow, allowing for remote exploitation. The exploit has been publicly disclosed.

Recommendations

Update TOTOLINK N600R to a version newer than 4.3.0cu.7866 B20220506.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2025-12824
CVE-2025-11444

Affected Products

Totolink N600R