Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
AnalysisAI
CVE-2025-6336 is a critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (version 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler. An authenticated attacker can exploit improper input validation on the 'submit-url' parameter in the /boafrm/formTmultiAP endpoint to achieve remote code execution with full system compromise (confidentiality, integrity, and availability). Public exploit code is available and the vulnerability has been disclosed; exploitation requires valid credentials but no user interaction.
Technical ContextAI
The vulnerability exists in the HTTP POST request handler component of TOTOLINK's web-based management interface. The /boafrm/formTmultiAP endpoint fails to properly validate the length of the 'submit-url' parameter before copying it to a fixed-size buffer, creating a classic CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) condition. This is a stack-based or heap-based buffer overflow in embedded router firmware that likely uses legacy C libraries without modern memory protections. The affected product CPE would be approximately 'cpe:2.3:h:totolink:ex1200t:4.1.2cu.5232_b20210713:*:*:*:*:*:*:*'. The firmware runs a basic web server (likely boa or similar) handling form submissions without adequate bounds checking.
RemediationAI
Vendor Patch: Monitor TOTOLINK security advisories and firmware download center for EX1200T updates newer than 4.1.2cu.5232_B20210713. Upgrade immediately when available.; link: https://www.totolink.net/ (vendor website—check support/download section) Workaround (Temporary): Restrict HTTP management access to trusted IP addresses via firewall rules or router access controls. Disable remote management if not required. Change default credentials immediately.; details: This reduces attack surface by limiting who can authenticate to the web interface. Mitigation: Isolate the router on a separate network segment or VPN; apply network-level access controls to the management port (typically 80/443). Monitor for suspicious POST requests to /boafrm/formTmultiAP.; details: Does not fix the vulnerability but limits exposure. Long-term: Consider replacing with a router from a vendor with more responsive security practices and longer firmware support lifecycle. TOTOLINK devices have a history of delayed or absent security patching.
More in Ex1200t Firmware
View allTOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to contain a remote command execution (RCE) vulnerability via th
TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely execute arbitrary code
TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the s
TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the s
TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the
Buffer overflow in TOTOLINK EX1200T via setLanguageCfg. EPSS 0.52%. PoC available.
CVE-2025-6393 is a critical buffer overflow vulnerability in the HTTP POST request handler of TOTOLINK routers affecting
Critical buffer overflow vulnerability in TOTOLINK EX1200T routers (firmware versions up to 4.1.2cu.5232_B20210713) affe
A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.
A buffer overflow vulnerability in A vulnerability (CVSS 8.8). Risk factors: public PoC available.
Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (firmware version 4.1.2cu.5232_B20210713) aff
Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (firmware version 4.1.2cu.5232_B20210713) aff
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-18737