CRITICAL🇵🇱 Wersja polska

CVE-2025-51452

CVSS 9.8v3.1pub. 2025-08-13upd. 2026-07-05

In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a specific request through formLoginAuth.htm.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Totolink A7000r

    HW
    Totolink
    wszystkie wersje
  • Totolink A7000r Firmware

    OS
    Totolink
    9.1.0u.6115_b20201022
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-28639CRITICAL9.8PL ✓ten sam produkt

Buffer Overflow w TOTOLINK X5000R i A7000R — RCE przez pole IP

CVE-2023-49418CRITICAL9.8PL ✓ten sam produkt

Stack overflow w TOTOLink A7000R via setIpPortFilterRules — RCE bez uwierzytelnienia

CVE-2023-49417CRITICAL9.8PL ✓ten sam produkt

Stack overflow w TOTOLink A7000R — funkcja setOpModeCfg

CVE-2023-45984CRITICAL9.8ten sam produkt

TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a ...

CVE-2023-36947CRITICAL9.8ten sam produkt

TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a ...