Skip to main content

T10 Firmware CVE-2025-6138

| EUVDEUVD-2025-18434 HIGH
Buffer Overflow (CWE-119)
2025-06-16 cna@vuldb.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
EUVD ID Assigned
Mar 14, 2026 - 21:59 euvd
EUVD-2025-18434
Analysis Generated
Mar 14, 2026 - 21:59 vuln.today
PoC Detected
Jun 20, 2025 - 14:34 vuln.today
Public exploit code
CVE Published
Jun 16, 2025 - 21:15 nvd
HIGH 8.8

DescriptionCVE.org

A vulnerability classified as critical was found in TOTOLINK T10 4.1.8cu.5207. Affected by this vulnerability is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ssid5g leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the HTTP POST request handler. An authenticated attacker can remotely exploit the setWizardCfg function via the ssid5g parameter to achieve buffer overflow, resulting in complete system compromise including confidentiality, integrity, and availability breaches. Public exploit code has been disclosed and the vulnerability meets criteria for active exploitation risk.

Technical ContextAI

The vulnerability exists in the cstecgi.cgi CGI binary, which processes HTTP POST requests for wireless router configuration. The setWizardCfg function fails to properly validate the length of the ssid5g input parameter before copying it into a fixed-size stack buffer, resulting in a classic stack-based buffer overflow (CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer). The affected component handles wireless SSID configuration for 5GHz band settings in the TOTOLINK T10 wireless router. This is a network-facing service running on the device's embedded HTTP server, making it remotely accessible to authenticated users or potentially unauthenticated users depending on authentication bypass conditions.

RemediationAI

Immediate actions: (1) If patched firmware is available from TOTOLINK for T10 model, upgrade immediately via the device's firmware update mechanism or web interface; (2) If no patch exists, restrict network access to the device's HTTP interface using firewall rules, allowing only trusted administrative IPs; (3) Change default credentials and enforce strong passwords to reduce authenticated attack surface; (4) Consider isolating affected T10 devices on a separate administrative network segment; (5) Monitor vendor security advisories at https://www.totolink.net for patch releases. Check TOTOLINK's support page for firmware downloads and security bulletins. As a temporary mitigation, disable remote management features if not required and restrict access to port 80/443 at the network perimeter.

CVE-2024-8162 CRITICAL POC
9.3 Aug 26

A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207. Rated critical severity (CVSS

CVE-2025-5905 HIGH POC
8.8 Jun 10

Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the WiFi repeater configu

CVE-2025-5904 HIGH POC
8.8 Jun 10

A critical buffer overflow vulnerability exists in TOTOLINK T10 firmware version 4.1.8cu.5207 in the setWiFiMeshName fun

CVE-2025-5903 HIGH POC
8.8 Jun 10

Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the setWiFiAclRules funct

CVE-2025-5902 HIGH POC
8.8 Jun 09

Critical remote buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the setUpgradeFW f

CVE-2025-5901 HIGH POC
8.8 Jun 09

Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the UploadCustomModule fu

CVE-2025-6137 HIGH POC
8.8 Jun 16

Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the setWiFiScheduleCfg fu

CVE-2024-8577 HIGH POC
8.7 Sep 08

A vulnerability was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207. Rated high severity (

CVE-2024-8576 HIGH POC
8.7 Sep 08

A vulnerability was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207. Rated high severity (

CVE-2024-8573 HIGH POC
8.7 Sep 08

A vulnerability, which was classified as critical, was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861_B20230220/

CVE-2025-44655 CRITICAL
9.8 Jul 21

Privilege escalation and unauthorized file access affects TOTOLINK A7100RU (V7.4), A950RG (V5.9), and T10 (V5.9) routers

CVE-2022-25137 CRITICAL
9.8 Feb 19

A command injection vulnerability in the function recvSlaveUpgstatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3

Share

CVE-2025-6138 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy