CVE-2025-6130

A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Published: Jun 16, 2025
Updated: Jun 21, 2025
CVE: CVE-2025-6130
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-119
CWE-120

Affected Software
References

Software	From	Fixed in
totolink / ex1200t_firmware	4.1.2cu.5232_b20210713	4.1.2cu.5232_b20210713.x

https://github.com/byxs0x0/cve2/blob/main/10.md
https://github.com/byxs0x0/cve2/blob/main/10.md#poc
https://vuldb.com/?ctiid.312599
https://vuldb.com/?id.312599
https://vuldb.com/?submit.592696
https://www.totolink.net/

Vulnerability Database

CVE-2025-6130

Deep Security Visibility Without the Complexity