Denial of Service Vulnerability in TOZED ZLT T10 Device
CVE-2025-12917

5.3MEDIUM

Key Information:

Vendor

Tozed

Status
Zlt T10
Vendor
CVE Published:
9 November 2025

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2025-12917?

A flaw exists within the TOZED ZLT T10 reboot handler, specifically in an unknown function of the file /reqproc/proc_post. This vulnerability could be exploited by an attacker with access to the local network, leading to a denial of service condition. Publicly available exploit code poses the risk of widespread attacks, especially since the vendor has not acknowledged or responded to the vulnerability disclosure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ZLT T10 T10PLUS_3.04.15

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-12917 - Proof of Concept

CVE-2025-12917-PoC
Created by 0xcucumbersalad

References

https://vuldb.com/?id.331635
vdb-entry
https://vuldb.com/?ctiid.331635
signaturepermissions-required
https://vuldb.com/?submit.679507
third-party-advisory

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

cucumbersalad (VulDB User)
JSON
.