CVE-2025-45797

Severity CVSS v4.0:
Pending analysis
Type:
CWE-787 Out-of-bounds Write
Publication date:
08/05/2025
Last modified:
16/05/2025

Description

TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/system.so.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:totolink:a950rg_firmware:4.1.2cu.5204_b20210112:*:*:*:*:*:*:*
cpe:2.3:h:totolink:a950rg:-:*:*:*:*:*:*:*