CVE-2025-6128— TOTOLINK EX1200T HTTP POST Request formWirelessTbl buffer overflow

TOTOLINK EX1200T HTTP POST Request formWirelessTbl buffer overflow

A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This affects an unknown part of the file /boafrm/formWirelessTbl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)

TOTOLINK EX1200T 安全漏洞

TOTOLINK EX1200T是中国吉翁电子（TOTOLINK）公司的一款 Wi-Fi 范围扩展器。 TOTOLINK EX1200T 存在安全漏洞，该漏洞源于对文件/boafrm/formWirelessTbl中参数submit-url的错误操作导致缓冲区溢出。

N/A

N/A