- Description
- TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost function through the hostTime parameter.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-78
- Hype score
- Not currently trending
CVE-2025-28034 Pre-Auth Remote Command Execution in TOTOLINK Router Firmware Versions https://t.co/NwcZ6sVEdY
@VulmonFeeds
22 Apr 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-28034 TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, an… https://t.co/ByS1fYOkgV
@CVEnew
22 Apr 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:totolink:a800r_firmware:4.1.2cu.5137_b20200730:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E79C3048-8804-410F-BFFC-8878FFE2DF8A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:totolink:a800r:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EA5FEC23-3370-4C1F-96C1-C1287FCCB07B"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:totolink:a810r_firmware:4.1.2cu.5182_b20201026:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8FFF9A60-5961-4F2F-9365-94C5DF7F8EDA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:totolink:a810r:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "34981911-5839-430B-8008-EACFDFCEA2A1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:totolink:a830r_firmware:4.1.2cu.5182_b20201102:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EBE71E71-E61B-487D-8EB8-7BD55ADF2851"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:totolink:a830r:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1751A6D0-CD32-4035-94B0-6085272AB214"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:totolink:a950rg_firmware:4.1.2cu.5161_b20200903:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64FA78CC-AB0C-4D86-964B-1A91C747BA8A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:totolink:a950rg:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2F20C691-11F3-4882-89C7-500C097C0938"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:totolink:a3000ru_firmware:5.9c.5185_b20201128:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79DE76F9-7FFB-4862-AD73-BD2ACA15EBAB"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:totolink:a3000ru:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FD355C8B-CA00-4093-BB2A-D3EC6EC64053"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:totolink:a3100r_firmware:4.1.2cu.5247_b20211129:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9098D12E-0A3B-4CBF-AC5E-43C5394C7719"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:totolink:a3100r:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "40729E79-9D89-440F-B38D-E62D310E27F9"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]