The CERT Coordination Center (CERT/CC) has disclosed details regarding a serious, unpatched security flaw affecting the TOTOLINK EX200 wireless range extender. This vulnerability, tracked as CVE-2025-65606, allows a remote authenticated attacker to achieve Full Remote Device Takeover. The root cause lies in a defect within the firmware-upload error-handling logic. While this is not a direct Web3 protocol exploit, vulnerabilities in peripheral network devices like range extenders present a significant, indirect threat to Web3 users. Compromised devices can serve as entry points for unauthorized access to local network assets, potentially exposing hardware wallets or confidential data, or being weaponized for further attacks. Users are strongly advised to cease using the affected device or isolate it from external networks until a vendor-supplied patch becomes available.
Source: Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover
コメント