What's Happening?
A critical vulnerability has been identified in the Totolink EX200 wireless range extender, which could allow attackers to take control of the device. The flaw, tracked as CVE-2025-65606, affects the firmware-upload error-handling logic, enabling a Telnet service that runs with root privileges without requiring authentication. This vulnerability allows attackers to modify configurations and execute arbitrary commands, potentially infiltrating local networks. The Totolink EX200 is no longer maintained, with the last firmware updates released in 2021 and 2023. No patch is available for this security defect, which was reported by Leandro Kogan.
Why It's Important?
The discovery of this vulnerability highlights the ongoing security challenges associated with Internet of Things (IoT) devices, particularly those that are no longer supported by manufacturers. The ability for attackers to gain full control of a device poses significant risks to network security, potentially leading to data breaches or further exploitation of connected devices. This issue underscores the importance of regular security updates and the need for consumers to replace outdated or unsupported devices. For businesses and individuals, it emphasizes the necessity of implementing robust security measures to protect against unauthorized access.
What's Next?
Users of the Totolink EX200 are advised to restrict administrative access to trusted networks and monitor for unexpected Telnet activity. It is recommended to prevent untrusted users from accessing the management interface and to plan for replacing the vulnerable device. The lack of a patch for this vulnerability may prompt affected users to seek alternative products with better security support. This incident may also encourage manufacturers to improve their security practices and provide longer-term support for their products.
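The two mitigations above (restrict management access to trusted networks, watch for unexpected Telnet activity) can be turned into a simple log check. The following is an added example written for this write-up; it is not code from Totolink or from the vulnerability report. The log format, the extender address (192.168.1.250), the trusted network (192.168.1.0/24) and the sample log lines are all constructed assumptions that you would replace with your own values.

```python
"""Flag Telnet (TCP/23) connections to a range extender's management address.

Any Telnet session to the extender is worth a look, because on a healthy
device the service should not be reachable at all; a session from outside
the trusted network is treated as high severity.
"""
import ipaddress
import socket
from typing import Dict, Iterable, List, Optional

# Assumed values: the extender's management address and the networks that
# are allowed to reach it. Replace with your own.
EXTENDER_IP = "192.168.1.250"
TRUSTED_NETS = [ipaddress.ip_network("192.168.1.0/24")]
TELNET_PORT = 23

# Constructed firewall log lines in a simple space-separated format:
# <timestamp> <proto> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <action>
SAMPLE_LOG = """\
2025-11-20T10:01:02Z TCP 192.168.1.20:51000 -> 192.168.1.250:80 ALLOW
2025-11-20T10:01:09Z TCP 192.168.1.20:51001 -> 192.168.1.250:23 ALLOW
2025-11-20T10:02:15Z TCP 10.0.0.5:44021 -> 192.168.1.250:23 ALLOW
2025-11-20T10:03:40Z UDP 192.168.1.250:53 -> 192.168.1.1:53 ALLOW
2025-11-20T10:04:12Z TCP 203.0.113.7:33999 -> 192.168.1.250:23 ALLOW
"""


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Parse one log line into its fields; return None for malformed lines."""
    parts = line.split()
    if len(parts) != 6 or parts[3] != "->":
        return None
    ts, proto, src, _, dst, action = parts
    src_ip, src_port = src.rsplit(":", 1)
    dst_ip, dst_port = dst.rsplit(":", 1)
    return {
        "ts": ts, "proto": proto.upper(), "src_ip": src_ip, "src_port": src_port,
        "dst_ip": dst_ip, "dst_port": dst_port, "action": action,
    }


def is_trusted(ip: str, trusted=TRUSTED_NETS) -> bool:
    """True if the address falls inside one of the trusted networks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in trusted)


def find_telnet_events(lines: Iterable[str], extender_ip: str = EXTENDER_IP,
                       trusted=TRUSTED_NETS) -> List[Dict[str, str]]:
    """Return one finding per TCP/23 connection aimed at the extender.

    Severity is "notice" for trusted sources (Telnet should still not be
    on) and "high" for sources outside the trusted networks.
    """
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["proto"] != "TCP" or rec["dst_ip"] != extender_ip:
            continue
        if rec["dst_port"] != str(TELNET_PORT):
            continue
        severity = "notice" if is_trusted(rec["src_ip"], trusted) else "high"
        findings.append({"ts": rec["ts"], "src_ip": rec["src_ip"],
                         "severity": severity})
    return findings


def telnet_port_open(host: str, port: int = TELNET_PORT, timeout: float = 2.0) -> bool:
    """Inventory check for your own device: is TCP/23 accepting connections?

    A plain TCP connect is enough to answer that; nothing is sent.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


if __name__ == "__main__":
    for f in find_telnet_events(SAMPLE_LOG.splitlines()):
        print(f"{f['severity']:6} {f['ts']} telnet from {f['src_ip']}")
```

Run the script on a firewall or flow export in the same shape and alert on any "high" finding; a "notice" finding on a device that should never have Telnet enabled is itself a reason to check whether the extender has been tampered with. `telnet_port_open` is meant for checking a device you administer, so that an unexpectedly listening port 23 is caught before it shows up in the logs.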