CVE-2025-52905

CWE-20Improper Input Validation6 documents5 sources
Severity
7.0HIGH
EPSS
0.1%
top 65.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Totolink X6000rTotolink X6000r Firmware
Timeline
PublishedSep 23
Latest updateOct 1

Description

Improper Input Validation vulnerability in TOTOLINK X6000R allows Flooding.This issue affects X6000R: through V9.4.0cu.1360_B20241207.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/S:N

Affected Packages2 packages

CVEListV5totolink/x6000rV9.4.0cu.1360_B20241207
NVDtotolink/x6000r_firmware9.4.0cu.1360_b20241207

🔴Vulnerability Details

2
CVEList
TOTOLINK X6000R Argument Injection Vulnerability2025-09-23
GHSA
GHSA-94qm-cr28-jgjr: Improper Input Validation vulnerability in TOTOLINK X6000R allows Flooding2025-09-23

📋Vendor Advisories

1
Microsoft
octeontx2-pf: Fix resource leakage in VF driver unbind2024-08-13

🕵️Threat Intelligence

2
Unit42
TOTOLINK X6000R: Three New Vulnerabilities Uncovered2025-10-01
Unit42
TOTOLINK X6000R: Three New Vulnerabilities Uncovered2025-10-01
CVE-2025-52905 (HIGH CVSS 7) | Improper Input Validation vulnerabi | cvebase.io