Buffer Overflow Vulnerability in TOTOLINK EX1200T Product
CVE-2025-6144

8.8HIGH

Key Information:

Vendor: TOTOLINK
Status: EX1200T
Vendor: CVE Published:; 16 June 2025

What is CVE-2025-6144?

An identified vulnerability in the TOTOLINK EX1200T (version 4.1.2cu.5232_B20210713) involves an exploitable buffer overflow within the HTTP POST Request Handler. This issue arises from the manipulation of the 'submit-url' parameter in the '/boafrm/formSysCmd' file, allowing attackers to perform remote exploits. Since the vulnerability details have been publicly disclosed, it poses a risk to users if left unpatched.

References

https://github.com/awindog/cve/blob/main/688/1.md

https://github.com/awindog/cve/blob/main/688/1.md#poc

https://vuldb.com/?ctiid.312619

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2025