Vulnerability Description
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Totolink | Ex1200T Firmware | <= 4.1.2cu.5232_b20210713 |
| Totolink | Ex1200T | - |
Related Weaknesses (CWE)
References
- https://github.com/byxs0x0/cve2/blob/main/4.mdExploitThird Party Advisory
- https://vuldb.com/?ctiid.311681Permissions RequiredVDB Entry
- https://vuldb.com/?id.311681Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.592269Third Party AdvisoryVDB Entry
- https://www.totolink.net/Product
- https://github.com/byxs0x0/cve2/blob/main/4.mdExploitThird Party Advisory
FAQ
What is CVE-2025-5908?
CVE-2025-5908 is a vulnerability with a CVSS score of 8.8 (HIGH). A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formIpQoS of the comp...
How severe is CVE-2025-5908?
CVE-2025-5908 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-5908?
Check the references section above for vendor advisories and patch information. Affected products include: Totolink Ex1200T Firmware, Totolink Ex1200T.