CVE-2025-9577
LOWCVSS Vector
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3Description
A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attacking locally is a requirement. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been released to the public and may be exploited.
Analysis
A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. Rated low severity (CVSS 2.0). Public exploit code available and no vendor patch available.
Technical Context
This vulnerability is classified as Use of Default Credentials (CWE-1392), which allows attackers to gain access using factory-default usernames and passwords. A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attacking locally is a requirement. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been released to the public and may be exploited. Affected products include: Totolink X2000R Firmware. Version information: up to 2.0.0..
Affected Products
Totolink X2000R Firmware.
Remediation
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Force credential change on first use, remove default accounts, document required credential changes.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today