Cyber Resilience

CVE-2025-67445

Severity: High · Public PoC · DDoS

Published: 24 February 2026
Modified: 27 February 2026

CVSS Score (v3.1): 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0020 (42.4th percentile)
Risk Priority: 15 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-67445 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Totolink X5000R Firmware. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique T1499.004 (Application or System Exploitation). The CVE ranks at the 42.4th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SC-6 (Resource Availability).

Deeper analysis

CVE-2025-67445 is a denial-of-service vulnerability in the TOTOLINK X5000R router firmware version V9.1.0cu.2415_B20250515. The flaw exists in the /cgi-bin/cstecgi.cgi script, which reads the CONTENT_LENGTH environment variable and allocates memory with malloc(CONTENT_LENGTH + 1) without sufficient bounds checking. Because the lighttpd web server's request size limit is not enforced in front of the CGI, the client-supplied length drives the allocation directly, which can cause memory exhaustion or a segmentation fault in the management CGI.

The vulnerability can be exploited by any unauthenticated attacker with network access to the device. By crafting and sending a large POST request, the attacker triggers uncontrolled memory allocation, crashing the CGI process and rendering the web management interface unavailable. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and maps to CWE-400 (Uncontrolled Resource Consumption).

Vendor guidance and further details, including potential patches or workarounds, are available at http://totolink.com. Additional technical analysis and a proof-of-concept are provided in the GitHub repository https://github.com/DaRkSpOoOk/CVE-2025-67445.

Vulnerability details

TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerability in /cgi-bin/cstecgi.cgi. The CGI reads the CONTENT_LENGTH environment variable and allocates memory using malloc(CONTENT_LENGTH + 1) without sufficient bounds checking. When lighttpd's request size limit is not enforced, a crafted large POST request can cause memory exhaustion or a segmentation fault, leading to a crash of the management CGI and loss of availability of the web interface.
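As an added illustration of the CGI pattern described in the analysis above and in the vendor description (example code written for this page, not the TOTOLINK firmware or the referenced PoC): the CONTENT_LENGTH value is validated and capped before any allocation happens, so an oversized or malformed header is rejected instead of sizing a malloc call. MAX_BODY_BYTES and the function names are assumptions chosen for the example.

```c
/* Illustrative example added here, not the TOTOLINK firmware or PoC code.
 * The advisory's vulnerable pattern is essentially
 *     char *buf = malloc(atoi(getenv("CONTENT_LENGTH")) + 1);
 * so the client-controlled header sizes the allocation directly.
 * Below, the value is validated and capped before malloc is reached.
 * MAX_BODY_BYTES is an assumed policy limit, not a vendor constant. */
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_BODY_BYTES 65536LL   /* assumed cap for a management CGI body */

/* Returns the validated length, or -1 if the header must be rejected. */
long long parse_content_length(const char *value)
{
    if (value == NULL || *value == '\0')
        return -1;                        /* header absent: no body accepted */
    for (const char *p = value; *p; p++)  /* digits only: no sign, space, junk */
        if (!isdigit((unsigned char)*p))
            return -1;
    errno = 0;
    char *end = NULL;
    unsigned long long n = strtoull(value, &end, 10);
    if (errno == ERANGE || *end != '\0')
        return -1;                        /* numeric overflow or trailing text */
    if (n > (unsigned long long)MAX_BODY_BYTES)
        return -1;                        /* oversized: refuse before allocating */
    return (long long)n;
}

/* Reads the POST body from `in` into a buffer sized by the validated
 * length. Returns a NUL-terminated buffer the caller frees, or NULL. */
char *read_post_body(FILE *in, const char *content_length_env)
{
    long long len = parse_content_length(content_length_env);
    if (len < 0)
        return NULL;
    char *buf = malloc((size_t)len + 1);  /* len <= MAX_BODY_BYTES: bounded */
    if (buf == NULL)
        return NULL;
    if (fread(buf, 1, (size_t)len, in) != (size_t)len) {
        free(buf);                        /* short or truncated body: reject */
        return NULL;
    }
    buf[len] = '\0';
    return buf;
}
```

The same cap belongs in front of the CGI as well: lighttpd's `server.max-request-size` setting (value in kilobytes) rejects an oversized body before the CGI process is ever spawned.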

CWE(s)

CWE-400 Uncontrolled Resource Consumption

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1499.004 Application or System Exploitation (tactic: Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Direct remote exploitation of the CGI memory allocation flaw enables application-layer DoS via crafted POST requests.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-70327 (same product: Totolink X5000R)
CVE-2024-57016 (same product: Totolink X5000R)
CVE-2024-57015 (same product: Totolink X5000R)
CVE-2025-14586 (same product: Totolink X5000R)
CVE-2024-57013 (same product: Totolink X5000R)
CVE-2024-57011 (same product: Totolink X5000R)
CVE-2024-57019 (same product: Totolink X5000R)
CVE-2024-57012 (same product: Totolink X5000R)
CVE-2024-57014 (same product: Totolink X5000R)
CVE-2024-57022 (same product: Totolink X5000R)

Affected Assets

Vendor: totolink
Product: x5000r firmware
Version: 9.1.0cu.2415_b20250515

Mitigating Controls (NIST 800-53 r5, AI)

Prevent: Directly protects against the denial-of-service attack by implementing limits on request sizes and resource consumption to prevent memory exhaustion from large POST requests.

Prevent: Requires validation and bounds checking of the CONTENT_LENGTH environment variable before memory allocation to block uncontrolled malloc calls.

Prevent: Enforces allocation limits on system resources like memory to mitigate exhaustion triggered by oversized inputs in the CGI script.
