CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-52907

Improper Input Validation vulnerability in TOTOLINK X6000R allows Command Injection, File Manipulation.This issue affects X6000R: through V9.4.0cu.1360_B20241207.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.019

EPSS Ranking 82.3%

CVSS Severity

CVSS v3 Score 8.8

References

https://github.com/PaloAltoNetworks/u42-vulnerability-disclosures/blob/main/2025/PANW-2025-0003/PANW-2025-0003.md
https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/247/ids/36.html

Products affected by CVE-2025-52907

Totolink » X6000r » Version: N/A

cpe:2.3:h:totolink:x6000r:-
Totolink » X6000r Firmware » Version: 9.4.0cu.1041_b20240224

cpe:2.3:o:totolink:x6000r_firmware:9.4.0cu.1041_b20240224
Totolink » X6000r Firmware » Version: 9.4.0cu.652_b20230116

cpe:2.3:o:totolink:x6000r_firmware:9.4.0cu.652_b20230116
Totolink » X6000r Firmware » Version: 9.4.0cu.852_b20230719

cpe:2.3:o:totolink:x6000r_firmware:9.4.0cu.852_b20230719

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-52907

Products

Pricing

Contact Us