CVE-2025-8019

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Shenzhen Libituo Technology LBT-T300-T310 version 2.2.3.6

Description A critical remote buffer overflow vulnerability exists in the sub 40B6F0 function of the /appy.cgi file. The vulnerability is triggered by manipulating the wan proto argument. The exploit for this issue has been publicly disclosed and may be used for remote attacks.

Recommendations For Shenzhen Libituo Technology LBT-T300-T310 version 2.2.3.6, restrict or disable access to the /appy.cgi file. As a temporary workaround, avoid using the wan proto argument in the /appy.cgi endpoint until a patch is available.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

CVE-2025-8019

Affected Products

Lbt-T300-T310

CVE-2025-8019

Weakness Enumeration

Related Identifiers

Affected Products

References · 13