TOTOLINK EX200 unpatched root telnet flaw (CVE-2025-65606)
Vulnerability
Summary
TOTOLINK EX200 owners face an unpatched flaw, CVE-2025-65606, in the device's firmware-upload path that can enable unauthenticated root telnet access and full device takeover. An attacker who is already authenticated to the web management interface can submit malformed firmware to trigger an error state in the upload handler, after which the device exposes a root telnet service that requires no authentication; from there the attacker gains full system access, configuration manipulation, arbitrary command execution, and persistence. TOTOLINK has not released a fix, and the device is described as no longer actively maintained.
Related Happenings
Fortinet CVE-2025-59718 mitigation guidance
Advisory/Mitigation
First: 23.01.2026 12:39
Last: 23.01.2026 12:39
**Fortinet** told customers to immediately harden **FortiCloud SSO** exposure for **CVE-2025-59718**, because attackers are still abusing the flaw against **fully patched firewall...
Timeline
06.01.2026 17:47 · 2 articles
CERT/CC discloses CVE-2025-65606 in TOTOLINK EX200
Initial Disclosure: CERT/CC disclosed an unpatched flaw in the TOTOLINK EX200 wireless range extender, identified as CVE-2025-65606, that can let an attacker who is authenticated to the web management interface trigger malformed firmware-upload handling and start an unauthenticated root telnet service, leading to full system access, configuration manipulation, arbitrary command execution, and persistence. CERT/CC said TOTOLINK has not released a patch and that the product is no longer actively maintained, while the vendor page shows the firmware was last updated in February 2023.
- Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover — thehackernews.com — 06.01.2026 17:47