TOTOLink X6000R Buffer Overflow Vulnerability Allowing Arbitrary Command Execution

Vulnerability

A buffer overflow vulnerability has been identified in TOTOLink X6000R routers running version V9.4.0cu.652_B20230116. The vulnerability arises from inadequate length verification when adding Wi-Fi filtering rules. Attackers exploiting this issue can cause the device to crash or execute arbitrary commands.

Impact

Exploitation of this vulnerability can lead to a buffer overflow, potentially allowing for arbitrary code execution on the affected device or causing it to crash.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TOTOLink X6000R Buffer Overflow Vulnerability Allowing Arbitrary Command Execution

Vulnerability

Impact

Affected Products

TOTOLink X6000R

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating