What is the CVSS score of CVE-2025-5911?

CVE-2025-5911 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.4%.

Which versions of Ex1200t Firmware are affected by CVE-2025-5911?

A critical buffer overflow vulnerability affecting TOTOLIK EX1200T routers (firmware versions up to 4.1.2cu.5232_B20210713) has been publicly disclosed with working exploits available.

Is there a public PoC exploit available for CVE-2025-5911?

Yes, a public proof-of-concept exploit is available for CVE-2025-5911. Prioritise patching immediately. EPSS: 0.4%.

How to fix or mitigate CVE-2025-5911?

Within 24 hours: Inventory all TOTOLIK EX1200T devices in production and immediately isolate or restrict external access to affected units via firewall rules. Within 7 days: Contact TOTOLIK for patch availability and implement network segmentation to limit router access to trusted administrative sources only. Within 30 days: Replace affected devices with patched firmware versions once available, or migrate to alternative router solutions if patches remain unavailable.

Ex1200t Firmware CVE-2025-5911

EUVD-2025-17619 HIGH

Buffer Overflow (CWE-119)

2025-06-10 cna@vuldb.com

Buffer Overflow TP-Link RCE Ex1200t Firmware TOTOLINK

8.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.8 HIGH

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 14, 2026 - 19:49 euvd

EUVD-2025-17619

Analysis Generated

Mar 14, 2026 - 19:49 vuln.today

PoC Detected

Jun 16, 2025 - 17:06 vuln.today

Public exploit code

CVE Published

Jun 10, 2025 - 03:15 nvd

HIGH 8.8

DescriptionCVE.org

A vulnerability was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

A buffer overflow vulnerability in TOTOLINK EX1200T (CVSS 8.8). Risk factors: public PoC available.

Technical ContextAI

CWE-119 (Buffer Overflow). CVSS 8.8 indicates high severity. Affects TOTOLINK EX1200T.

RemediationAI

Monitor vendor channels for patch availability. Consider network segmentation to limit exposure if patching is delayed.

CVE-2025-5911 vulnerability details – vuln.today

Back

Ex1200t Firmware CVE-2025-5911

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code