Vulnerability Details CVE-2025-13184
Unauthenticated Telnet enablement via cstecgi.cgi (auth bypass) leading to unauthenticated root login with a blank password on factory/reset X5000R V9.1.0u.6369_B20230113 (arbitrary command execution). Earlier versions that share the same implementation, may also be affected.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.6%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2025-13184
-
cpe:2.3:h:totolink:x5000r:-
-
cpe:2.3:o:totolink:x5000r_firmware:9.1.0u.6369_b20230113