CVE-2025-28036 Information

Description

TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.

Reference

https://locrian-lightning-dc7.notion.site/RCE1-1a98e5e2b1a28081880dd817104b3af4