LiveActive security incident?Get immediate response
CVE Record

CVE-2015-9550: An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1...

An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysishigh

Security readout for executives and security teams

Plain-English summary

Certain older TOTOLINK A850R-V1 and F1-V2 routers can be made to expose their web administration interface on the internet-facing side. This turns a normally internal management surface into an external one, increasing the chance of remote abuse if the device is reachable from the internet.

Executive priority

Treat this as high priority for internet-facing legacy routers. The issue can expose administrative access paths, and the provided sources do not identify a patch, making containment or replacement important.

Technical view

CVE-2015-9550 describes a WAN-side trigger that opens the web management interface on affected TOTOLINK A850R-V1 and F1-V2 firmware versions. The public CVE data provides no CVSS score, CWE, vendor patch statement, or authenticated versus unauthenticated impact details beyond the exposure behavior.

Likely exposure

Exposure is likely limited to TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices with WAN interfaces reachable by untrusted networks.

Exploitation context

The CVE is not listed as KEV in the supplied bundle, so active exploitation is not established here. The cited researcher reference describes the triggering condition publicly, which means defenders should treat internet-reachable affected routers as at-risk.

Researcher notes

The source evidence is narrow: model and firmware ranges plus the WAN management exposure trigger. No CVSS, CWE, KEV entry, patch status, or complete impact chain is provided in the bundle. Avoid assuming authentication bypass or RCE for this CVE alone.

Mitigation direction

  • Identify and prioritize affected TOTOLINK A850R-V1 and F1-V2 devices.
  • Check current TOTOLINK or reseller guidance for firmware or replacement advice.
  • Block internet access to router web management interfaces.
  • Place affected devices behind a trusted upstream firewall where feasible.
  • Replace unsupported affected devices if no vendor fix exists.

Validation and detection

  • Inventory router model and firmware version against the CVE description.
  • Confirm WAN-side management interfaces are not externally reachable.
  • Review perimeter scans for exposed TOTOLINK administration pages.
  • Check firewall logs for unexpected WAN management access attempts.
  • Document any affected devices lacking vendor-supported remediation.
Prepared
Confidence
medium
Sources
3

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2015-9550 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
0Timeline events
0ADP providers
2Source links

CVSS and timeline data

No CVSS vectors or timeline events were available in the normalized CVE source material.

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
n/an/an/aListed
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.