CVE-2025-67186
Unknown Unknown - Not Provided
Buffer Overflow in TOTOLINK A950RG Firewall Module Enables RCE

Publication date: 2026-02-03

Last updated on: 2026-02-10

Assigner: MITRE

Description
TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability in the setUrlFilterRules interface of /lib/cste_modules/firewall.so. The vulnerability occurs because the `url` parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow, potentially leading to arbitrary code execution or denial of service.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-03
Last Modified
2026-02-10
Generated
2026-06-16
AI Q&A
2026-02-03
EPSS Evaluated
2026-06-15
NVD
CVE-2025-67186
EUVD
EUVD-2025-206718
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
totolink a950rg_firmware 4.1.2cu.5204_b20210112
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Detection Guidance

[{'type': 'paragraph', 'content': "Detection of this vulnerability involves monitoring for attempts to exploit the buffer overflow in the setUrlFilterRules interface of /lib/cste_modules/firewall.so by checking for unusually long or malformed 'url' parameters in network traffic targeting the TOTOLINK A950RG device."}, {'type': 'paragraph', 'content': 'Specific commands or scripts to detect exploitation attempts are not explicitly provided in the available resources.'}] [1]

Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable interface, such as limiting remote management access to trusted networks only, and monitoring for suspicious activity targeting the setUrlFilterRules interface.

Applying any available firmware updates or patches from TOTOLINK addressing this vulnerability is recommended once released.

Executive Summary

[{'type': 'paragraph', 'content': 'This vulnerability exists in the TOTOLINK A950RG router firmware version 4.1.2cu.5204_B20210112. It is a buffer overflow issue found in the setUrlFilterRules interface within the /lib/cste_modules/firewall.so component.'}, {'type': 'paragraph', 'content': "The problem arises because the 'url' parameter passed to this interface is not properly checked for its length. This lack of validation allows a remote attacker to send an overly long input, causing a buffer overflow."}, {'type': 'paragraph', 'content': 'Exploiting this buffer overflow can potentially allow the attacker to execute arbitrary code on the device or cause a denial of service by crashing the system.'}] [1]

Impact Analysis

If exploited, this vulnerability can have serious impacts including:

  • Arbitrary code execution by a remote attacker, which could lead to full control over the affected device.
  • Denial of service, causing the device to crash or become unresponsive.

Such impacts could compromise the security and availability of your network infrastructure if you are using the vulnerable TOTOLINK A950RG device.

Compliance Impact

The provided information does not specify how the buffer overflow vulnerability in TOTOLINK A950RG affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-67186. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart