exploitDog

CVE-2025-28020

Опубликовано: 23 апр. 2025

Источник: nvd

CVSS3: 7.3

EPSS Низкий

Описание

TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v25 parameter.

Ссылки

https://locrian-lightning-dc7.notion.site/BufferOverflow3-1948e5e2b1a280c28ef5c6e54b49324d?pvs=73
Exploit
Third Party Advisory
https://locrian-lightning-dc7.notion.site/CVE-2025-28020-BufferOverflow3-1948e5e2b1a280c28ef5c6e54b49324d
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:totolink:a800r_firmware:4.1.2cu.5137_b20200730:*:*:*:*:*:*:*

cpe:2.3:h:totolink:a800r:-:*:*:*:*:*:*:*

EPSS

Процентиль: 36%

0.00145

Низкий

7.3 High

CVSS3

Дефекты

CWE-120

Связанные уязвимости

GHSA-2cpg-xxmj-g6gp

CVSS3: 7.3

github

4 месяца назад

TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v25 parameter.

EPSS

Процентиль: 36%

0.00145

Низкий

7.3 High

CVSS3

Дефекты

CWE-120