# Title: TOTOLINK N300RB 8.54 - Command Execution # Author: Skander BELABED - Magellan Sécurité # Date: 07/11/2025 # Vendor: TOTOLINK # Product: N300RB # Firmware version: 8.54 # CVE: CVE-2025-52089 ## Description: A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version 8.54 allows an authenticated attacker to execute arbitrary OS commands with root privileges. # Reproduce: [href]( https://0x09.dev/posts/toto_decouvre_une_interface_de_debug/)
Credits and Partners
All rights reserved nPulse.net 2009 - 2025
Powered by: MVCP2 / BVCP / ASPF-MILTER / PHP 8.3 / NGINX / FreeBSD
