CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-28039

TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.029

EPSS Ranking 85.5%

CVSS Severity

CVSS v3 Score 9.8

References

https://locrian-lightning-dc7.notion.site/RCE2-1ad8e5e2b1a280fbb0cacc7e758e7299
https://locrian-lightning-dc7.notion.site/RCE2-1ad8e5e2b1a280fbb0cacc7e758e7299

Products affected by CVE-2025-28039

Totolink » Ex1200t » Version: N/A

cpe:2.3:h:totolink:ex1200t:-
Totolink » Ex1200t Firmware » Version: 4.1.2cu.5232_b20210713

cpe:2.3:o:totolink:ex1200t_firmware:4.1.2cu.5232_b20210713

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-28039

Products

Pricing

Contact Us