Vulnerability Description
A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Totolink | Ex1200T Firmware | <= 4.1.2cu.5232_b20210713 |
| Totolink | Ex1200T | - |
Related Weaknesses (CWE)
References
- https://github.com/byxs0x0/cve2/blob/main/5.mdExploitThird Party Advisory
- https://vuldb.com/?ctiid.311682Permissions RequiredVDB Entry
- https://vuldb.com/?id.311682Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.592270Third Party AdvisoryVDB Entry
- https://www.totolink.net/Product
- https://github.com/byxs0x0/cve2/blob/main/5.mdExploitThird Party Advisory
FAQ
What is CVE-2025-5909?
CVE-2025-5909 is a vulnerability with a CVSS score of 8.8 (HIGH). A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formReflashClientTbl of the component...
How severe is CVE-2025-5909?
CVE-2025-5909 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-5909?
Check the references section above for vendor advisories and patch information. Affected products include: Totolink Ex1200T Firmware, Totolink Ex1200T.