CVE-2025-28036

CRITICAL EXPLOITED

Totolink A950rg Firmware - OS Command Injection

Title source: rule

Description

TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.

References (2)

[Exploit, Third Party Advisory] https://locrian-lightning-dc7.notion.site/RCE1-1a98e5e2b1a28081880dd817104b3af4

[Exploit, Third Party Advisory] https://locrian-lightning-dc7.notion.site/CVE-2025-28035-CVE-2025-28036-RCE1-1a98e5e2b1a28081880dd817104b3af4

Scores

CVSS v3 9.8

EPSS 0.0636

EPSS Percentile 90.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

VulnCheck KEV 2025-07-13

Classification

CWE

CWE-78

Status published

Affected Products (6)

totolink/a950rg_firmware

totolink/a810r_firmware

totolink/a800r_firmware

totolink/a830r_firmware

totolink/a3000ru_firmware

totolink/a3100r_firmware

Timeline

Published Apr 22, 2025

Tracked Since Feb 18, 2026