CVE-2025-8938 | TOTOLINK N350R 1.2.3-B20130826 Telnet Service /boafrm/formSysTel TelEnabled backdoor

Inserito da Angelo Barbosa | Ago 13, 2025 | CVE

A vulnerability was found in TOTOLINK N350R 1.2.3-B20130826 and classified as critical. This issue affects the function formSysTel of the file /boafrm/formSysTel of the component Telnet Service. The manipulation of the argument TelEnabled leads to backdoor.

The identification of this vulnerability is CVE-2025-8938. The attack may be initiated remotely. Furthermore, there is an exploit available.

It is recommended to apply restrictive firewalling.

CVE-2025-8938 | TOTOLINK N350R 1.2.3-B20130826 Telnet Service /boafrm/formSysTel TelEnabled backdoor

Post correlati

CVE-2024-0366 | Starbox Plugin up to 3.4.7 on WordPress resource injection

CVE-2023-41169 | NetScout nGeniusONE 6.3.4 cross site scripting

CVE-2024-23783 | Sharp Energy Management Controller with Cloud Services up to B0.1.9.1 improper authentication

CVE-2024-9366 | Easy Menu Manager Plugin up to 1.0.1 on WordPress SVG File Upload cross site scripting