Skip to main content

Ex1200t Firmware CVE-2025-6143

| EUVDEUVD-2025-18425 HIGH
Buffer Overflow (CWE-119)
2025-06-16 cna@vuldb.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
EUVD ID Assigned
Mar 14, 2026 - 21:59 euvd
EUVD-2025-18425
Analysis Generated
Mar 14, 2026 - 21:59 vuln.today
PoC Detected
Jun 23, 2025 - 19:29 vuln.today
Public exploit code
CVE Published
Jun 16, 2025 - 23:15 nvd
HIGH 8.8

DescriptionCVE.org

A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

Critical buffer overflow vulnerability in TOTOLINK EX1200T router firmware (version 4.1.2cu.5232_B20210713) affecting the NTP configuration handler. An authenticated attacker can remotely exploit this vulnerability via HTTP POST requests to the /boafrm/formNtp endpoint by manipulating the submit-url parameter, achieving remote code execution with complete system compromise (confidentiality, integrity, and availability). A public exploit has been disclosed and the vulnerability may be actively exploited in the wild.

Technical ContextAI

The vulnerability exists in the HTTP POST request handler component that processes NTP (Network Time Protocol) configuration parameters. The affected file /boafrm/formNtp fails to properly validate the length of the 'submit-url' argument before copying it into a fixed-size buffer, resulting in a classic stack-based buffer overflow (CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer). The TOTOLINK EX1200T is a wireless router that uses embedded HTTP services for administrative configuration. The vulnerability is present in firmware version 4.1.2cu.5232_B20210713 and potentially affects CPE: cpe:2.3:o:totolink:ex1200t_firmware:4.1.2cu.5232_b20210713:*:*:*:*:*:*:*. The buffer overflow allows attackers to overwrite the stack, potentially redirecting program execution to attacker-controlled code.

RemediationAI

Primary: Update firmware to a patched version released by TOTOLINK addressing CVE-2025-6143. Contact TOTOLINK support or check the official product support page at totolink.net for available firmware updates. If a patch is not available, implement network-level mitigations: (1) Restrict HTTP administrative access to the router via firewall rules, limiting access to trusted IP addresses/networks; (2) Enforce strong, unique credentials for router administrative accounts to prevent unauthorized authentication; (3) Disable remote management features if not required; (4) Isolate the router on a separate administrative VLAN with restricted access. Monitor for suspicious HTTP POST requests to /boafrm/formNtp with unusually long submit-url parameters.

CVE-2023-52032 CRITICAL POC
9.8 Jan 11

TOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to contain a remote command execution (RCE) vulnerability via th

CVE-2021-42872 CRITICAL POC
9.8 Jun 02

TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely execute arbitrary code

CVE-2025-28038 CRITICAL POC
9.8 Apr 22

TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the s

CVE-2025-28039 CRITICAL POC
9.8 Apr 22

TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the s

CVE-2021-42875 CRITICAL POC
9.8 Jun 02

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the

CVE-2025-5600 CRITICAL POC
9.8 Jun 04

Buffer overflow in TOTOLINK EX1200T via setLanguageCfg. EPSS 0.52%. PoC available.

CVE-2025-6393 HIGH POC
8.8 Jun 21

CVE-2025-6393 is a critical buffer overflow vulnerability in the HTTP POST request handler of TOTOLINK routers affecting

CVE-2025-5907 HIGH POC
8.8 Jun 10

Critical buffer overflow vulnerability in TOTOLINK EX1200T routers (firmware versions up to 4.1.2cu.5232_B20210713) affe

CVE-2025-5792 HIGH POC
8.8 Jun 06

A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.

CVE-2025-6162 HIGH POC
8.8 Jun 17

A buffer overflow vulnerability in A vulnerability (CVSS 8.8). Risk factors: public PoC available.

CVE-2025-6145 HIGH POC
8.8 Jun 16

Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (firmware version 4.1.2cu.5232_B20210713) aff

CVE-2025-6144 HIGH POC
8.8 Jun 16

Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (firmware version 4.1.2cu.5232_B20210713) aff

Share

CVE-2025-6143 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy