{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T11:48:51.846","vulnerabilities":[{"cve":{"id":"CVE-2025-52089","sourceIdentifier":"cve@mitre.org","published":"2025-07-11T15:15:24.677","lastModified":"2025-07-19T03:15:22.727","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version 8.54 allows an authenticated attacker to execute arbitrary OS commands with root privileges."},{"lang":"es","value":"Una función de soporte remoto oculta protegida por un secreto estático en la versión 8.54 del firmware TOTOLINK N300RB permite que un atacante autenticado ejecute comandos arbitrarios del sistema operativo con privilegios de root."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:n300rb_firmware:8.54:*:*:*:*:*:*:*","matchCriteriaId":"CAA4470F-B2BC-4E27-8D30-68F3CA3F5ABA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:n300rb:-:*:*:*:*:*:*:*","matchCriteriaId":"F5F9AA3E-143F-4A4E-8CDF-6DEB4F1C9620"}]}]}],"references":[{"url":"https://0x09.dev/posts/toto_decouvre_une_interface_de_debug/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]}]}}]}