CVE-2025-63466 identifies a stack overflow vulnerability in the Totolink LR350 router firmware version 9.3.5u.6369_B20220309. The vulnerability resides in the sub_426EF8 function, specifically triggered by the password parameter. An attacker can craft a malicious request that overflows the stack, leading to a Denial of Service (DoS) condition by crashing or destabilizing the device. This flaw does not require authentication or user interaction, increasing its potential attack surface. The lack of a CVSS score indicates it is a newly published vulnerability with limited public data. No patches or known exploits are currently reported, but the vulnerability could be leveraged to disrupt network availability. Totolink LR350 is a consumer and small business router, often deployed in home offices and small enterprises. The vulnerability primarily threatens device availability, potentially causing network outages or interruptions in connectivity. Attackers could exploit this remotely if the device management interface is exposed to untrusted networks. The stack overflow nature of the flaw suggests potential for further exploitation, but currently, only DoS impact is confirmed.

For European organizations, the primary impact of CVE-2025-63466 is on network availability. Organizations relying on Totolink LR350 routers for internet connectivity or internal network routing could face service disruptions if targeted. This could affect small businesses, home offices, and branch offices using these devices. Disruptions may lead to loss of productivity, communication breakdowns, and potential cascading effects on dependent services. Critical infrastructure sectors using these routers in non-hardened environments might experience operational interruptions. Although no data confidentiality or integrity compromise is reported, availability impacts can still have significant operational and financial consequences. The vulnerability's ease of exploitation without authentication increases risk, especially if devices are exposed to the internet or untrusted networks. European organizations with limited network segmentation or outdated firmware are particularly vulnerable.

1. Immediately restrict access to the Totolink LR350 management interface by implementing network segmentation and firewall rules to limit exposure to trusted networks only. 2. Monitor network traffic for unusual or malformed requests targeting the password parameter on the router’s management interface. 3. Disable remote management features if not strictly necessary, or enforce VPN access for remote administration. 4. Regularly check Totolink’s official channels for firmware updates addressing this vulnerability and apply patches promptly once available. 5. Implement network-level DoS protection mechanisms to detect and mitigate abnormal traffic patterns. 6. Educate users and administrators about the risks of exposing router management interfaces to the internet. 7. Consider replacing vulnerable devices with models from vendors with stronger security track records if patching is delayed or unavailable.