CVE-2025-67188

Name of the Vulnerable Software and Affected Versions TOTOLINK A950RG version 4.1.2cu.5204 B20210112

Description A buffer overflow condition exists in the software. The issue is located in the setRadvdCfg interface within the /lib/cste modules/ipv6.so module. The setRadvdCfg function does not adequately validate the length of the radvdinterfacename parameter, which is controlled by the user. This lack of validation can lead to a stack buffer overflow, potentially allowing remote attackers to compromise the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.