CVE-2020-25499

high-risk

Published 2020-12-09

TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's 'Run Command'. An attacker can use this functionality to execute arbitrary OS commands on the router.

Do I need to act?

19.0% chance of exploitation in next 30 days

EPSS score — higher than 81% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (13)

A3002R Firmware

A3002Ru-V1 Firmware

A3002Ru-V2 Firmware

A702R-V2 Firmware

A702R-V3 Firmware

N100Re-V3 Firmware

N150Rt Firmware

N200Re-V3 Firmware

N200Re-V4 Firmware

N210Re Firmware

N300Rh-V3 Firmware

N300Rt Firmware

N302R Plus Firmware

Affected Vendors

Totolink

References (4)

Exploit https://github.com/kdoos/Vulnerabilities/blob/main/RCE_TOTOLINK-A3002RU-V2

Patch https://www.totolink.net/home/index/newsss/id/196.html

Exploit https://github.com/kdoos/Vulnerabilities/blob/main/RCE_TOTOLINK-A3002RU-V2

Patch https://www.totolink.net/home/index/newsss/id/196.html

/ 100

high-risk

Severity 30/34 · Critical

Exploitability 13/34 · Low

Exposure 17/34 · Moderate