CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description
A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Analysis
CVE-2025-6336 is a critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (version 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler. An authenticated attacker can exploit improper input validation on the 'submit-url' parameter in the /boafrm/formTmultiAP endpoint to achieve remote code execution with full system compromise (confidentiality, integrity, and availability). Public exploit code is available and the vulnerability has been disclosed; exploitation requires valid credentials but no user interaction.
Technical Context
The vulnerability exists in the HTTP POST request handler component of TOTOLINK's web-based management interface. The /boafrm/formTmultiAP endpoint fails to properly validate the length of the 'submit-url' parameter before copying it to a fixed-size buffer, creating a classic CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) condition. This is a stack-based or heap-based buffer overflow in embedded router firmware that likely uses legacy C libraries without modern memory protections. The affected product CPE would be approximately 'cpe:2.3:h:totolink:ex1200t:4.1.2cu.5232_b20210713:*:*:*:*:*:*:*'. The firmware runs a basic web server (likely boa or similar) handling form submissions without adequate bounds checking.
Affected Products
EX1200T (4.1.2cu.5232_B20210713)
Remediation
Vendor Patch: Monitor TOTOLINK security advisories and firmware download center for EX1200T updates newer than 4.1.2cu.5232_B20210713. Upgrade immediately when available. Link: https://www.totolink.net/ (vendor website; check the support/download section).

Workaround (Temporary): Restrict HTTP management access to trusted IP addresses via firewall rules or router access controls. Disable remote management if not required. Change default credentials immediately. Details: This reduces attack surface by limiting who can authenticate to the web interface.

Mitigation: Isolate the router on a separate network segment or VPN; apply network-level access controls to the management port (typically 80/443). Monitor for suspicious POST requests to /boafrm/formTmultiAP. Details: Does not fix the vulnerability but limits exposure.

Long-term: Consider replacing with a router from a vendor with more responsive security practices and longer firmware support lifecycle. TOTOLINK devices have a history of delayed or absent security patching.
EUVD-2025-18737