CVE-2025-67189
Unknown Unknown - Not Provided
Buffer Overflow in TOTOLINK A950RG setParentalRules Enables Remote Code Execution

Publication date: 2026-02-03

Last updated on: 2026-02-10

Assigner: MITRE

Description
A buffer overflow vulnerability exists in the setParentalRules interface of TOTOLINK A950RG V4.1.2cu.5204_B20210112. The urlKeyword parameter is not properly validated, and the function concatenates multiple user-controlled fields into a fixed-size stack buffer without performing boundary checks. A remote attacker can exploit this flaw to cause denial of service or potentially achieve arbitrary code execution.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-03
Last Modified
2026-02-10
Generated
2026-06-16
AI Q&A
2026-02-04
EPSS Evaluated
2026-06-14
NVD
CVE-2025-67189
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
totolink a950rg_firmware 4.1.2cu.5204_b20210112
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

I don't know

Mitigation Strategies

Immediate mitigation steps include restricting access to the setParentalRules interface to trusted users only, such as limiting access to the local network or using firewall rules.

Additionally, monitoring for unusual activity or crashes related to this interface can help in early detection of exploitation attempts.

Applying any available firmware updates or patches from the vendor that address this vulnerability is recommended once they become available.

Executive Summary

[{'type': 'paragraph', 'content': "This vulnerability is a buffer overflow in the setParentalRules interface of the TOTOLINK A950RG router firmware version V4.1.2cu.5204_B20210112. Specifically, the urlKeyword parameter is not properly validated. The function handling this parameter concatenates multiple user-controlled inputs into a fixed-size stack buffer without checking if the combined size exceeds the buffer's capacity."}, {'type': 'paragraph', 'content': 'Because of this improper boundary checking, a remote attacker can exploit the flaw by sending specially crafted input that overflows the buffer.'}, {'type': 'paragraph', 'content': 'This overflow can lead to denial of service or potentially allow the attacker to execute arbitrary code on the device.'}] [1]

Impact Analysis

Exploitation of this vulnerability can have serious impacts including:

  • Denial of service: The device may crash or become unresponsive, disrupting network connectivity.
  • Arbitrary code execution: An attacker could potentially run malicious code on the affected device, leading to unauthorized control.
  • Compromise of network security: Since the device is a router, successful exploitation could allow attackers to intercept, manipulate, or redirect network traffic.
Detection Guidance

[{'type': 'paragraph', 'content': 'Detection of this vulnerability involves checking for the presence of the vulnerable TOTOLINK A950RG firmware version and monitoring for suspicious activity related to the setParentalRules interface, specifically the urlKeyword parameter.'}, {'type': 'paragraph', 'content': "Since the vulnerability is triggered by malformed input to the setParentalRules interface, one approach is to send crafted requests to this interface and observe the device's behavior for crashes or abnormal responses."}, {'type': 'paragraph', 'content': 'Specific commands or scripts to test this vulnerability are not explicitly provided in the available resources.'}] [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-67189. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart