CVE-2025-25605 Information

Description

Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the apcli_wps_gen_pincode function in mtkwifi.lua.

Reference

https://github.com/sezangel/IOT-vul/tree/main/Totolink/X5000R/4