CVE-2025-5793

🗓️ 06 Jun 2025 18:00:17Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 53 Views🌐 WEB

Critical vulnerability in TOTOLINK EX1200T allows remote buffer overflow via HTTP POST request.

Reporter	Title	Published	Views	Family All 8
CNNVD	TOTOLINK EX1200T 安全漏洞	6 Jun 202500:00	–	cnnvd
CNVD	TOTOLINK EX1200T /boafrm/formPortFw File Buffer Overflow Vulnerability	10 Jun 202500:00	–	cnvd
Cvelist	CVE-2025-5793 TOTOLINK EX1200T HTTP POST Request formPortFw buffer overflow	6 Jun 202518:00	–	cvelist
EUVD	EUVD-2025-17349	3 Oct 202520:07	–	euvd
NVD	CVE-2025-5793	6 Jun 202518:15	–	nvd
Positive Technologies	PT-2025-24320 · Totolink · Totolink Ex1200T	6 Jun 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-5793	8 Jun 202519:17	–	redhatcve
Vulnrichment	CVE-2025-5793 TOTOLINK EX1200T HTTP POST Request formPortFw buffer overflow	6 Jun 202518:00	–	vulnrichment

NVD

Node

totolink ex1200t_firmwareMatch4.1.2cu.5232_b20210713

AND

totolink ex1200tMatch-

[
  {
    "vendor": "TOTOLINK",
    "product": "EX1200T",
    "versions": [
      {
        "version": "4.1.2cu.5232_B20210713",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP POST Request Handler"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
totolink	www.totolink.net/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/byxs0x0/cve2/blob/main/2.md

Parameter	Position	Path	Description	CWE
service_type	request body	/boafrm/formPortFw	Buffer overflow via parameter service_type in POST /boafrm/formPortFw leading to remote code execution	CWE-119, CWE-120
	request body	/boafrm/formPortFw	Buffer overflow via parameter service_type in POST /boafrm/formPortFw leading to remote code execution	CWE-119, CWE-120

12 Jun 2025 16:20Current

7.4High risk

Vulners AI Score7.4

CVSS 3.16.5 - 8.8

CVSS 48.7

CVSS 29

CVSS 38.8

EPSS0.00955

SSVC