First published: Sun Mar 30 2025(Updated: )
A vulnerability has been found in TOTOLINK A3000RU up to 5.9c.5185 and classified as problematic. This vulnerability affects unknown code of the file /cgi-bin/ExportIbmsConfig.sh of the component IBMS Configuration File Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Totolink A3000RU firmware | <=5.9c.5185 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-2955 is classified as a problematic vulnerability due to its impact on improper access controls.
To fix CVE-2025-2955, you should update the TOTOLINK A3000RU firmware to a version higher than 5.9c.5185.
CVE-2025-2955 affects the IBMS Configuration File Handler located in the /cgi-bin/ExportIbmsConfig.sh file.
The consequences of CVE-2025-2955 include unauthorized access and manipulation of sensitive configuration files.
The TOTOLINK A3000RU versions up to and including 5.9c.5185 are vulnerable to CVE-2025-2955.