Comprehensive Overview of CVEs and Security Vulnerabilities

CVE-2025-28024 TOTOLINK vulnerabilities Ivanti security advisory buffer overflow remote code execution security vulnerabilities
Edward Zhou
Edward Zhou

CEO & Co-Founder

 
October 2, 2025 2 min read

CVE-2025-28024 Vulnerability in TOTOLINK A810R

TOTOLINK A810R firmware version 4.1.2cu.5182_B20201026 has a buffer overflow vulnerability located in the cstecgi.cgi file. This vulnerability has been classified under CVE-2025-28024.

Metrics

  • CVSS 4.0 Severity: Not Available
  • CVSS 3.x Severity: 9.8 (Critical)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Weakness Enumeration:
    • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

References

Threat Brief: CVE-2025-0282 and CVE-2025-0283

CVE-2025-0282 and CVE-2025-0283 impact multiple Ivanti products including Connect Secure, Policy Secure, and ZTA gateways.

CVE-2025-0282 Details

  • Type: Stack-based buffer overflow
  • Impact: Allows remote unauthenticated attackers to achieve remote code execution.
  • CVSS Score: 9.0 (Critical).

CVE-2025-0283 Details

  • Type: Stack-based buffer overflow
  • Impact: Allows local authenticated attackers to escalate privileges.
  • CVSS Score: 7.0 (High).

On January 8, 2025, Ivanti issued a security advisory regarding these vulnerabilities.

Attack Scope

  • Attackers can exploit CVE-2025-0282 by sending specially crafted requests to vulnerable appliances.
  • Specific tools and techniques associated with this attack have been observed.

Clock Icon

Recommendations

Other TOTOLINK Vulnerabilities

Several vulnerabilities have been identified in various TOTOLINK products, notably:

CVE-2025-9934

  • Product: TOTOLINK X5000R
  • Impact: Command injection vulnerability via the function sub_410C34.
  • CVSS Score: 6.3 (Medium).

CVE-2025-9935

  • Product: TOTOLINK N600R
  • Impact: Command injection vulnerability via the function sub_4159F8.
  • CVSS Score: 7.3 (High).

CVE-2025-52046

  • Product: TOTOLINK A3300R
  • Impact: Command injection vulnerability allowing unauthenticated attackers to execute arbitrary commands.
  • CVSS Score: 9.8 (Critical).

NVD CVE List

Additional Vulnerabilities

  • For a comprehensive list of TOTOLINK vulnerabilities, refer to the OpenCVE database here.

References

This technical overview provides critical information regarding recently identified vulnerabilities in TOTOLINK and Ivanti products, along with their implications and mitigation strategies.

Edward Zhou
Edward Zhou

CEO & Co-Founder

 

CEO & Co-Founder of Gopher Security, leading the development of Post-Quantum cybersecurity technologies and solutions.

Related News

React2Shell Vulnerability CVE-2025-55182: Exploitation Threats and Trends
React2Shell vulnerability

React2Shell Vulnerability CVE-2025-55182: Exploitation Threats and Trends

Critical React2Shell RCE vulnerability exploited by threat actors. Learn about attacker techniques, observed payloads like crypto miners, and how to protect your systems. Read now!

By Divyansh Ingle December 12, 2025 8 min read
Read full article
WinRAR CVE-2025-6218 Vulnerability Under Active Attack by Threat Groups
WinRAR vulnerability

WinRAR CVE-2025-6218 Vulnerability Under Active Attack by Threat Groups

CISA flags WinRAR CVE-2025-6218 as actively exploited. Learn about this path traversal flaw and how to protect your systems. Update now!

By Jim Gagnard December 11, 2025 3 min read
Read full article
Malicious VSCode Extensions Launch Multi-Stage Attacks and Infostealers
malicious VSCode extensions

Malicious VSCode Extensions Launch Multi-Stage Attacks and Infostealers

Beware of malicious VSCode extensions & device code phishing scams. Learn how these attacks steal credentials, capture screens, and hijack sessions. Protect yourself now!

By Alan V Gutnov December 10, 2025 6 min read
Read full article
PRC State-Sponsored BRICKSTORM Malware Targets Critical Infrastructure
BRICKSTORM malware

PRC State-Sponsored BRICKSTORM Malware Targets Critical Infrastructure

Discover how PRC state actors are using BRICKSTORM malware to gain persistent access via VMware. Learn about its advanced evasion techniques and how to defend your systems. Read now!

By Divyansh Ingle December 9, 2025 3 min read
Read full article