An issue in TOTOLINK Wi-Fi 6 Router Series Device X2000R-Gh-V2.0.0 allows a remote attacker to execute arbitrary code via the default password
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 02 Oct 2025 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Totolink x2000r Firmware
CPEs cpe:2.3:h:totolink:x2000r:v2:*:*:*:*:*:*:*
cpe:2.3:o:totolink:x2000r_firmware:2.0.0-b20230727.1043.web:*:*:*:*:*:*:*
Vendors & Products Totolink x2000r Firmware

Mon, 15 Sep 2025 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Totolink
Totolink x2000r
Vendors & Products Totolink
Totolink x2000r

Fri, 12 Sep 2025 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-798
Metrics cvssV3_1

{'score': 8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 12 Sep 2025 16:00:00 +0000

Type Values Removed Values Added
Description An issue in TOTOLINK Wi-Fi 6 Router Series Device X2000R-Gh-V2.0.0 allows a remote attacker to execute arbitrary code via the default password
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-09-12T16:02:11.995Z

Reserved: 2025-08-17T00:00:00.000Z

Link: CVE-2025-57579

cve-icon Vulnrichment

Updated: 2025-09-12T16:01:28.622Z

cve-icon NVD

Status : Analyzed

Published: 2025-09-12T16:15:35.290

Modified: 2025-10-02T20:04:07.443

Link: CVE-2025-57579

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-09-15T10:43:49Z