CVE-2025-46060
CriticalCVSS 9.8Exploitation Probability (EPSS)
Elevated risk53th percentile - higher than 53% of all known CVEs
Summary
A buffer overflow vulnerability was found in the TOTOLINK N600R router firmware version 4.3.0cu.7866_B2022506. A remote attacker can exploit the UPLOAD_FILENAME component to execute arbitrary code.
Risk Assessment
The risk involves potential remote code execution by an unauthenticated attacker, leading to full compromise of the router and the network it serves.
Recommendation
Immediately update the TOTOLINK N600R firmware to the latest available version. If no update is available, restrict management interface access to trusted networks only.
Original NVD description (English source)
Buffer Overflow vulnerability in TOTOLINK N600R v4.3.0cu.7866_B2022506 allows a remote attacker to execute arbitrary code via the UPLOAD_FILENAME component

