Skip to main content

Ex1200t Firmware CVE-2025-6145

| EUVDEUVD-2025-18426 HIGH
Buffer Overflow (CWE-119)
2025-06-16 cna@vuldb.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
EUVD ID Assigned
Mar 14, 2026 - 21:59 euvd
EUVD-2025-18426
Analysis Generated
Mar 14, 2026 - 21:59 vuln.today
PoC Detected
Jun 23, 2025 - 19:29 vuln.today
Public exploit code
CVE Published
Jun 16, 2025 - 23:15 nvd
HIGH 8.8

DescriptionCVE.org

A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (firmware version 4.1.2cu.5232_B20210713) affecting the /boafrm/formSysLog HTTP POST handler. An authenticated attacker can exploit improper input validation on the 'submit-url' parameter to achieve buffer overflow, leading to remote code execution with complete system compromise (confidentiality, integrity, and availability impact). Public exploit code is available, and the vulnerability affects a widely deployed consumer networking device.

Technical ContextAI

The vulnerability exists in the HTTP POST request handler of TOTOLINK's proprietary firmware, specifically in the /boafrm/formSysLog endpoint. The root cause is classified as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), indicating a classic buffer overflow due to insufficient bounds checking. The 'submit-url' parameter is processed without proper length validation before being written to a stack or heap buffer, allowing an attacker to overflow adjacent memory. TOTOLINK EX1200T is a dual-band 802.11ac wireless router commonly deployed in SOHO and small enterprise environments. The firmware parsing and web interface are likely implemented in C/C++ without modern memory safety protections. CPE identifier: cpe:2.3:o:totolink:ex1200t_firmware:4.1.2cu.5232_b20210713:*:*:*:*:*:*:*

RemediationAI

Immediate actions: (1) Identify all TOTOLINK EX1200T devices in your environment, particularly those exposed to untrusted networks. (2) Check TOTOLINK's official website and support portal for firmware updates post-4.1.2cu.5232_B20210713. (3) If no patch is available from vendor (likely given age), consider: network segmentation to restrict unauthenticated access to the management interface (restrict /boafrm/* paths via firewall), disable remote management (WAN access to web UI), enforce strong authentication, or hardware replacement with a vendor offering active security support. (4) Monitor device logs and network traffic for exploitation attempts targeting /boafrm/formSysLog with large submit-url parameter values. (5) If patched firmware exists, validate integrity via checksum/signature before deployment. Workaround: Firewall rules blocking POST requests to /boafrm/formSysLog from untrusted sources; however, internal network attackers may still exploit if authenticated.

CVE-2023-52032 CRITICAL POC
9.8 Jan 11

TOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to contain a remote command execution (RCE) vulnerability via th

CVE-2021-42872 CRITICAL POC
9.8 Jun 02

TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely execute arbitrary code

CVE-2025-28038 CRITICAL POC
9.8 Apr 22

TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the s

CVE-2025-28039 CRITICAL POC
9.8 Apr 22

TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the s

CVE-2021-42875 CRITICAL POC
9.8 Jun 02

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the

CVE-2025-5600 CRITICAL POC
9.8 Jun 04

Buffer overflow in TOTOLINK EX1200T via setLanguageCfg. EPSS 0.52%. PoC available.

CVE-2025-6393 HIGH POC
8.8 Jun 21

CVE-2025-6393 is a critical buffer overflow vulnerability in the HTTP POST request handler of TOTOLINK routers affecting

CVE-2025-5907 HIGH POC
8.8 Jun 10

Critical buffer overflow vulnerability in TOTOLINK EX1200T routers (firmware versions up to 4.1.2cu.5232_B20210713) affe

CVE-2025-5792 HIGH POC
8.8 Jun 06

A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.

CVE-2025-6162 HIGH POC
8.8 Jun 17

A buffer overflow vulnerability in A vulnerability (CVSS 8.8). Risk factors: public PoC available.

CVE-2025-6144 HIGH POC
8.8 Jun 16

Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (firmware version 4.1.2cu.5232_B20210713) aff

CVE-2025-6130 HIGH POC
8.8 Jun 16

A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.

Share

CVE-2025-6145 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy