Unpatched Firmware Flaw in TOTOLINK EX200 Allows Full Remote Device Takeover

The CERT Coordination Center (CERT/CC) has disclosed details concerning a serious, unpatched security flaw impacting the TOTOLINK EX200 wireless range extender. This vulnerability (CVE-2025-65606) could allow an authenticated remote attacker to gain full control of the device.
The root cause is a flaw in the firmware-upload error-handling logic. Exploiting this defect can cause the device to initiate specific unintended operations. As a result, an attacker could completely seize control of the EX200, posing a significant security risk to the network environment. No patch is currently available for this vulnerability, and users are strongly advised to exercise caution and consider alternative solutions.
