Comprehensive Overview of CVEs and Security Vulnerabilities

CVE-2025-28024 Vulnerability in TOTOLINK A810R

TOTOLINK A810R firmware version 4.1.2cu.5182_B20201026 has a buffer overflow vulnerability located in the cstecgi.cgi file. This vulnerability has been classified under CVE-2025-28024.

Metrics

• CVSS 4.0 Severity: Not Available
• CVSS 3.x Severity: 9.8 (Critical)
• Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
• Weakness Enumeration:
  • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

References

• Buffer Overflow Advisory
• CVE Dictionary Entry

Threat Brief: CVE-2025-0282 and CVE-2025-0283

CVE-2025-0282 and CVE-2025-0283 impact multiple Ivanti products including Connect Secure, Policy Secure, and ZTA gateways.

CVE-2025-0282 Details

• Type: Stack-based buffer overflow
• Impact: Allows remote unauthenticated attackers to achieve remote code execution.
• CVSS Score: 9.0 (Critical).

CVE-2025-0283 Details

• Type: Stack-based buffer overflow
• Impact: Allows local authenticated attackers to escalate privileges.
• CVSS Score: 7.0 (High).

On January 8, 2025, Ivanti issued a security advisory regarding these vulnerabilities.

Attack Scope

• Attackers can exploit CVE-2025-0282 by sending specially crafted requests to vulnerable appliances.
• Specific tools and techniques associated with this attack have been observed.

Recommendations

• Apply updates as recommended in Ivanti’s security advisory.
• Palo Alto Networks provides protections through:
  • Advanced WildFire
  • Advanced URL Filtering
  • Advanced DNS Security

Other TOTOLINK Vulnerabilities

Several vulnerabilities have been identified in various TOTOLINK products, notably:

CVE-2025-9934

• Product: TOTOLINK X5000R
• Impact: Command injection vulnerability via the function sub_410C34.
• CVSS Score: 6.3 (Medium).

CVE-2025-9935

• Product: TOTOLINK N600R
• Impact: Command injection vulnerability via the function sub_4159F8.
• CVSS Score: 7.3 (High).

CVE-2025-52046

• Product: TOTOLINK A3300R
• Impact: Command injection vulnerability allowing unauthenticated attackers to execute arbitrary commands.
• CVSS Score: 9.8 (Critical).

Additional Vulnerabilities

• For a comprehensive list of TOTOLINK vulnerabilities, refer to the OpenCVE database here.

References

• CVE-2025-9934 Details
• CVE-2025-9935 Details
• CVE-2025-52046 Details

This technical overview provides critical information regarding recently identified vulnerabilities in TOTOLINK and Ivanti products, along with their implications and mitigation strategies.