Key Information

Vulnerability Identifier
CVE ID: CVE-2025-7837

Affected Scope
Vendor: TOTOLINK
Affected Product: T6
Affected Firmware Version: V4.1.5cu.748_B20211015

Vulnerability Overview
Vulnerability Type: Buffer Overflow
Service: MQTT
Port: 1883
Impact: Can lead to Remote Code Execution (RCE)

Vulnerability Details
Problem Function:
Problem Code:
Description: The buffer is 4 bytes in size, but the input length is not checked, leading to a buffer overflow.

Attack Method
Attack Vector: Sending malicious MQTT packets
Example:

Conclusion
This vulnerability allows attackers to exploit a buffer overflow by sending specially crafted MQTT packets, leading to remote code execution and posing a severe security threat to affected devices.
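
The missing length check described under Vulnerability Details, as an added C example that is not the firmware's code or the advisory's. The function names and the field layout (a 2-byte big-endian length prefix, as MQTT uses for strings) are assumptions; only the 4-byte destination size comes from the page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FIELD_BUF_SIZE 4  /* destination size given in the advisory */

/* Assumed field layout (hypothetical, not taken from the firmware):
 * 2-byte big-endian length followed by that many bytes, the encoding
 * MQTT uses for strings and binary data. */

/* Unsafe pattern: the length comes from the packet and is trusted. */
void copy_field_unchecked(uint8_t *dst, const uint8_t *pkt)
{
    size_t len = ((size_t)pkt[0] << 8) | pkt[1];
    memcpy(dst, pkt + 2, len);  /* writes past dst when len > 4 */
}

/* Hardened form: returns bytes copied, or -1 if the field is rejected. */
int copy_field_checked(uint8_t *dst, const uint8_t *pkt, size_t pkt_len)
{
    if (dst == NULL || pkt == NULL || pkt_len < 2)
        return -1;              /* no room for the length prefix */
    size_t len = ((size_t)pkt[0] << 8) | pkt[1];
    if (len > pkt_len - 2)
        return -1;              /* declared length exceeds received bytes */
    if (len > FIELD_BUF_SIZE)
        return -1;              /* field does not fit the fixed buffer */
    memcpy(dst, pkt + 2, len);
    return (int)len;
}

int main(void)
{
    /* Constructed sample fields, not captured traffic. */
    const uint8_t fits[] = {0x00, 0x03, 'a', 'b', 'c'};
    const uint8_t oversized[] = {0x00, 0x05, 1, 2, 3, 4, 5};
    const uint8_t truncated[] = {0x00, 0x04, 1, 2};
    uint8_t buf[FIELD_BUF_SIZE];

    printf("fits:      %d\n", copy_field_checked(buf, fits, sizeof fits));
    printf("oversized: %d\n", copy_field_checked(buf, oversized, sizeof oversized));
    printf("truncated: %d\n", copy_field_checked(buf, truncated, sizeof truncated));
    return 0;
}
```

The checked form validates the declared length against both the bytes actually received and the fixed destination size before copying, so an oversized or truncated field is rejected instead of written.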