PT-2025-24600 · Totolink · Totolink Ex1200T
Wang_Lun
·
Published
2025-06-07
·
Updated
2025-06-16
·
CVE-2025-5907
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
TOTOLINK EX1200T versions up to 4.1.2cu.5232 B20210713
Description
A critical vulnerability was found in the HTTP POST Request Handler component, affecting the /boafrm/formFilter file. This issue leads to a buffer overflow and can be initiated remotely. The exploit has been disclosed to the public and may be used.
Recommendations
For TOTOLINK EX1200T versions up to 4.1.2cu.5232 B20210713, consider restricting access to the HTTP POST Request Handler until a patch is available. As a temporary workaround, avoid using the /boafrm/formFilter file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Totolink Ex1200T