CVE Catalog
CVE-2025-51452
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk0.36%
28th percentile - higher than 28% of all known CVEs
Summary
In TOTOLINK A7000R firmware version 9.1.0u.6115_B20201022, a vulnerability allows login bypass. An attacker can send a crafted request to formLoginAuth.htm to gain unauthorized access.
Risk Assessment
The risk involves potential takeover of the router without valid credentials, leading to network and data security breaches.
Recommendation
Immediately update the firmware to the latest version and restrict administrative panel access to trusted IP addresses only.
Original NVD description (English source)
In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a specific request through formLoginAuth.htm.

