Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-55895

TOTOLINK A3300R V17.0.0cu.557_B20221024 and N200RE V9.3.5u.6448_B20240521 and V9.3.5u.6437_B20230519 are vulnerable to Incorrect Access Control. Attackers can send payloads to the interface without logging in (remote).

Published

2025-12-15T21:15:59.057

Last Modified

2025-12-17T19:21:10.510

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.1 (CRITICAL)

Weaknesses

Type: Secondary
CWE-284

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	totolink	a3300r_firmware	17.0.0cu.557_b20221024	Yes
Hardware	totolink	a3300r	-	No
Operating System	totolink	n200re_firmware	9.3.5u.6437_b20230519	Yes
Hardware	totolink	n200re	-	No

References

https://github.com/l0tk3/CVES/blob/main/CVE-2025-55895.pdf Exploit, Third Party Advisory ([email protected])
https://www.totolink.net/ Product ([email protected])