CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-28038

TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.032

EPSS Ranking 86.3%

CVSS Severity

CVSS v3 Score 9.8

References

https://locrian-lightning-dc7.notion.site/RCE1-1ad8e5e2b1a28030a1c8febac89935a0
https://locrian-lightning-dc7.notion.site/RCE1-1ad8e5e2b1a28030a1c8febac89935a0

Products affected by CVE-2025-28038

Totolink » Ex1200t » Version: N/A

cpe:2.3:h:totolink:ex1200t:-
Totolink » Ex1200t Firmware » Version: 4.1.2cu.5232_b20210713

cpe:2.3:o:totolink:ex1200t_firmware:4.1.2cu.5232_b20210713

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-28038

Products

Pricing

Contact Us