CVE-2025-6128

HIGH

TOTOLINK EX1200T 4.1.2cu.5232_B20210713 - Buffer Overflow via Wireless Table POST Request

Title source: llm

Description

A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This affects an unknown part of the file /boafrm/formWirelessTbl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

References (6)

Core 6

Core References

Third Party Advisory, VDB Entry vdb-entry technical-description

https://vuldb.com/?id.312597

Permissions Required, VDB Entry signature permissions-required

https://vuldb.com/?ctiid.312597

Third Party Advisory, VDB Entry third-party-advisory

https://vuldb.com/?submit.592694

Exploit related

https://github.com/byxs0x0/cve2/blob/main/8.md

View Exploit ZIP pw:eip

Exploit exploit

https://github.com/byxs0x0/cve2/blob/main/8.md#poc

View Exploit ZIP pw:eip

Product product

https://www.totolink.net/

Scores

CVSS v3 8.8

EPSS 0.0108

EPSS Percentile 60.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-119 CWE-120

Status published

Products (1)

totolink/ex1200t_firmware 4.1.2cu.5232_b20210713

Published Jun 16, 2025

Tracked Since Feb 18, 2026