Primary

Context

TOTOLINK N350R Telnet Service Backdoor Vulnerability

Vulnerability

A backdoor vulnerability has been identified in the TOTOLINK N350R router, specifically in version 1.2.3-B20130826. The issue arises in the Telnet service, within the 'formSysTel' function of the '/boafrm/formSysTel' file. The vulnerability is triggered by manipulating the 'TelEnabled' parameter, allowing remote access through a backdoor. This vulnerability has been publicly disclosed and is actively exploitable.

Impact

Exploitation of this vulnerability creates a backdoor, allowing unauthorized remote access to the device via Telnet.

Remediation

It is recommended to apply restrictive firewall rules to block unauthorized access to the Telnet service.

Added: Aug 14, 2025, 5:17 AM

Updated: Aug 14, 2025, 5:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TOTOLINK N350R Telnet Service Backdoor Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating