What is the CVSS score of CVE-2025-67188?

CVE-2025-67188 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.6%.

Which versions of A950rg Firmware are affected by CVE-2025-67188?

A critical buffer overflow vulnerability (CVE-2025-67188, CVSS 9.8) affects A950Rg firmware versions up to 4.1.2cu.5204_b20210112, enabling remote code execution without authentication.

Is there a public PoC exploit available for CVE-2025-67188?

Yes, a public proof-of-concept exploit is available for CVE-2025-67188. Prioritise patching immediately. EPSS: 0.6%.

How to fix or mitigate CVE-2025-67188?

Within 24 hours: Inventory all A950Rg devices and firmware versions; isolate affected devices from untrusted networks if operationally feasible; enable enhanced monitoring and logging. Within 7 days: Implement network segmentation to restrict device access; deploy WAF rules to block exploit patterns; contact vendor for patch timeline and workarounds. Within 30 days: Apply vendor patch immediately upon release; conduct forensic analysis for signs of compromise; review access logs for exploitation attempts.

A950rg Firmware CVE-2025-67188

CRITICAL

Classic Buffer Overflow (CWE-120)

2026-02-03 cve@mitre.org

Buffer Overflow A950rg Firmware TOTOLINK

9.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Feb 10, 2026 - 14:15 vuln.today

Public exploit code

CVE Published

Feb 03, 2026 - 18:16 nvd

CRITICAL 9.8

DescriptionNVD

A buffer overflow vulnerability exists in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The issue resides in the setRadvdCfg interface of the /lib/cste_modules/ipv6.so module. The function fails to properly validate the length of the user-controlled radvdinterfacename parameter, allowing remote attackers to trigger a stack buffer overflow.

AnalysisAI

TOTOLINK A950RG has a third buffer overflow in setRadvdCfg providing yet another RCE vector through the router's IPv6 configuration interface.

Technical ContextAI

A CWE-120 buffer overflow in the setRadvdCfg function of TOTOLINK A950RG, the third overflow in this firmware. The RADVD configuration handles IPv6 router advertisements.

RemediationAI

Update firmware. All three overflows must be patched.

CVE-2025-67188 vulnerability details – vuln.today

Back

A950rg Firmware CVE-2025-67188

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code