CVE-2025-28034
Last modified
CVE-2025-28034 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost function through the hostTime parameter.. EPSS estimates a 1.05% chance of exploitation in the next 30 days.
Description
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost function through the hostTime parameter.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Totolink | A800r Firmware | 4.1.2cu.5137_b20200730 |
| Totolink | A810r Firmware | 4.1.2cu.5182_b20201026 |
| Totolink | A830r Firmware | 4.1.2cu.5182_b20201102 |
| Totolink | A950rg Firmware | 4.1.2cu.5161_b20200903 |
| Totolink | A3000ru Firmware | 5.9c.5185_b20201128 |
| Totolink | A3100r Firmware | 4.1.2cu.5247_b20211129 |
References
- https://locrian-lightning-dc7.notion.site/RCE2-1a98e5e2b1a280bebf53d868f1b1a711?pvs=74Exploit, Third Party Advisory
- https://locrian-lightning-dc7.notion.site/CVE-2025-28034-RCE2-1a98e5e2b1a280bebf53d868f1b1a711Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-28034?
How severe is CVE-2025-28034?
How do I fix CVE-2025-28034?
Are you affected by CVE-2025-28034?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST