PT-2025-6379 · Totolink · Totolink X6000R

Published: 2025-02-11 · Updated: 2025-02-11 · CVE-2025-25524

CVSS v3.1: 5.1 (Medium)

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

TOTOLink X6000R version V9.4.0cu.652 B20230116

Description

The issue is related to a buffer overflow vulnerability due to the lack of length verification when adding Wi-Fi filtering rules. This can cause the remote target device to crash or execute arbitrary commands.

Recommendations

For version V9.4.0cu.652 B20230116, consider disabling the Wi-Fi filtering rule addition feature until a patch is available to prevent potential exploitation. Restrict access to the vulnerable Wi-Fi rule handling module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2025-05795
CVE-2025-25524

Affected Products

Totolink X6000R