ГлавнаяУязвимости → CVE-2025-28033
7.3высокая

CVE-2025-28033

→ есть в БДУ: BDU:2025-10702 (на русском)
Описание (на английском; русское — в БДУ выше)

TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpTo parameter.

Затрагиваемое ПО
Totolink A800r firmwareTotolink A800rTotolink A810r firmwareTotolink A810rTotolink A830r firmwareTotolink A830rTotolink A950rg firmwareTotolink A950rgTotolink A3000ru firmwareTotolink A3000ruTotolink A3100r firmwareTotolink A3100r
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://locrian-lightning-dc7.notion.site/BufferOverflow7-1a98e5e2b1a280708d6ec6155ce88d8chttps://locrian-lightning-dc7.notion.site/CVE-2025-28033-BufferOverflow7-1a98e5e2b1a280708d6ec6155ce88d8c