CVE-2025-28031

CWE-2593 documents3 sources
Severity
6.5MEDIUM
EPSS
0.3%
top 51.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Totolink A810r Firmware
Timeline
PublishedApr 22

Description

TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a hardcoded password for the telnet service in product.ini.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:NExploitability: 2.2 | Impact: 4.2

Affected Packages1 packages

NVDtotolink/a810r_firmware4.1.2cu.5182_b20201026

🔴Vulnerability Details

2
GHSA
GHSA-m9hc-8hvg-f4hc: TOTOLINK A810R V42025-04-22
CVEList
CVE-2025-28031: TOTOLINK A810R V42025-04-22
CVE-2025-28031 (MEDIUM CVSS 6.5) | TOTOLINK A810R V4.1.2cu.5182_B20201 | cvebase.io