Vulnerability in Totolink Range Extender Allows Device Takeover

Vulnerability in Totolink Range Extender Allows Device Takeover

Posted on By CWS

A safety defect within the discontinued Totolink EX200 wi-fi vary extender may enable attackers to take over weak gadgets, the CERT Coordination Heart (CERT/CC) warns.

Tracked as CVE-2025-65606, the vulnerability impacts the firmware-upload error-handling logic of the community extender.

When processing malformed firmware information, the firmware-upload handler enters an irregular error state, which ends up in the launch of a Telnet service.

The service runs with root privileges and doesn’t require authentication, thus offering full system entry, CERT/CC notes.

“As a result of the telnet interface is often disabled and never meant to be uncovered, this conduct creates an unintended distant administration interface,” CERT/CC’s advisory reads.

Profitable exploitation of the vulnerability, nonetheless, requires authenticated entry to the gadget’s net administration interface, to set off the error within the firmware-upload performance.Commercial. Scroll to proceed studying.

“As soon as the error situation is triggered, the ensuing unauthenticated telnet service gives full management of the gadget,” CERT/CC says.

An attacker in a position to set off the bug positive aspects full management of the gadget, which permits them to change configurations and execute arbitrary instructions to infiltrate the native community.

The weak Totolink EX200 extender is now not maintained, with the final firmware updates launched in 2021 and 2023 (for {hardware} revision 1 and a pair of, respectively).

No patch is on the market for the newly disclosed safety defect, which was reported by Leandro Kogan.

“Customers ought to prohibit administrative entry to trusted networks, stop untrusted customers from accessing the administration interface, monitor for surprising telnet exercise, and plan to interchange the weak gadget,” CERT/CC notes.

Associated: Over 50,000 Asus Routers Hacked in ‘Operation WrtHug’

Associated: Cisco Routers Hacked for Rootkit Deployment

Associated: Unauthenticated RCE Flaw Patched in DrayTek Routers

Associated: Totolink Routers, Different System Exploits Added to Beastmode Botnet

Security Week News Tags:, , , , ,

Related Posts

Critical SolarWinds Vulnerability Under Active Exploitation Critical SolarWinds Vulnerability Under Active Exploitation Security Week News
OpenClaw Faces Ongoing Security Challenges with New Open Source Tool OpenClaw Faces Ongoing Security Challenges with New Open Source Tool Security Week News
Cybersecurity Is Now a Core Business Discipline Cybersecurity Is Now a Core Business Discipline Security Week News
Fortinet, Ivanti, Nvidia Release Security Updates Fortinet, Ivanti, Nvidia Release Security Updates Security Week News
Critical Flaws in Google Looker Exposed by Researchers Critical Flaws in Google Looker Exposed by Researchers Security Week News
Russian Hacker Sentenced for Role in US Ransomware Attacks Russian Hacker Sentenced for Role in US Ransomware Attacks Security Week News