CVE-2025-45797
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
08/05/2025
Last modified:
16/05/2025
Description
TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/system.so.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:totolink:a950rg_firmware:4.1.2cu.5204_b20210112:*:*:*:*:*:*:* | ||
cpe:2.3:h:totolink:a950rg:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page