CVE-2025-67188
Published: 03 February 2026
Description
A buffer overflow vulnerability exists in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The issue resides in the setRadvdCfg interface of the /lib/cste_modules/ipv6.so module. The function fails to properly validate the length of the user-controlled radvdinterfacename parameter, allowing remote attackers to trigger a stack buffer overflow.
Mitigating Controls (NIST 800-53 r5)
Directly mandates validating the length of the user-controlled radvdinterfacename parameter to prevent the stack buffer overflow in the setRadvdCfg interface.
Requires timely remediation of the identified buffer overflow flaw in the ipv6.so module through firmware patching or updates.
Implements memory protections to mitigate exploitation of the stack buffer overflow even if input validation is insufficient.
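The length check that the first control calls for, sketched in C as an added example (not TOTOLINK's code and not code from the referenced advisory). The 16-byte capacity, the allowed character set and every identifier below are assumptions made for illustration.

```c
/* Added example: bounded handling of an untrusted interface-name parameter.
 * IFNAME_MAX, the character policy and all names are assumptions. */
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define IFNAME_MAX 16   /* assumed capacity; same value as Linux IFNAMSIZ */

enum ifname_status { IFNAME_OK = 0, IFNAME_MISSING, IFNAME_TOO_LONG, IFNAME_BAD_CHAR };

/* Copy src into dst (dst_size bytes) only after its length and character
 * set have been checked. dst is left empty on any failure. */
enum ifname_status copy_ifname(char *dst, size_t dst_size, const char *src)
{
    size_t len;

    if (dst == NULL || dst_size == 0)
        return IFNAME_MISSING;
    dst[0] = '\0';
    if (src == NULL || src[0] == '\0')
        return IFNAME_MISSING;

    for (len = 0; src[len] != '\0'; len++) {
        unsigned char c = (unsigned char)src[len];

        /* Stop as soon as the name cannot fit with its terminator:
         * reject over-long input instead of truncating it. */
        if (len + 1 >= dst_size)
            return IFNAME_TOO_LONG;
        if (!isalnum(c) && c != '.' && c != '_' && c != '-')
            return IFNAME_BAD_CHAR;
    }

    memcpy(dst, src, len + 1);   /* len + 1 <= dst_size is guaranteed here */
    return IFNAME_OK;
}

int main(void)
{
    char name[IFNAME_MAX];
    /* Constructed sample inputs. */
    const char *samples[] = { "br0", "eth0.2", "br0;reboot",
                              "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-34s -> %d\n", samples[i],
               copy_ifname(name, sizeof name, samples[i]));
    return 0;
}
```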
Security Summary
**CVE-2025-67188 Vulnerability Summary**
CVE-2025-67188 is a stack-based buffer overflow vulnerability in the TOTOLINK A950RG router running firmware version V4.1.2cu.5204_B20210112. The flaw resides in the `setRadvdCfg` interface of the `/lib/cste_modules/ipv6.so` module, where insufficient validation of the user-supplied `radvdinterfacename` parameter length allows overflow of a fixed-size stack buffer (CWE-120). Published on 2026-02-03 with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), it poses a critical risk due to its simplicity and impact.
Unauthenticated remote attackers can exploit this over the network by sending a crafted HTTP request to the vulnerable endpoint, triggering the overflow without user interaction. Successful exploitation enables arbitrary code execution with root privileges on the device, potentially allowing full compromise, data exfiltration, persistent backdoor installation, or use as a pivot in larger network attacks.
The referenced GitHub advisory (https://github.com/SunnyYANGyaya/cuicuishark-sheep-fishIOT/blob/main/ToTolink/A950RG/5024-ipv6-setRadvdCfg-radvdinterfacename-buffer.md) provides proof-of-concept details, including vulnerable code snippets and exploit reproduction steps, but no vendor patches are mentioned. Security practitioners should immediately isolate affected devices, monitor for anomalous traffic to the web interface, and check for firmware updates from TOTOLINK; input sanitization or disabling the IPv6 module may serve as interim mitigations. No evidence of in-the-wild exploitation has been reported.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Unauthenticated remote buffer overflow in public-facing router web interface enables arbitrary code execution with root privileges, directly facilitating T1190: Exploit Public-Facing Application.