Improper input validation in Totolink X6000r

CVE-2025-52907

Improper Input Validation vulnerability in TOTOLINK X6000R allows Command Injection, File Manipulation.This issue affects X6000R: through V9.4.0cu.1360_B20241207.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.003 (50.1th percentile) — read the EPSS interpretation.

Affected products

Totolink X6000r — versions 0

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References