TOTOLINK EX1200T 4.1.2cu.5232_B20210713 /cgi-bin/cstecgi.cgi setLanguageCfg LangType ବଫର୍ ଓଭରଫ୍ଲୋ

Rakkoon nageenyaa kan ଜଟିଳ jedhamuun beekamu TOTOLINK EX1200T 4.1.2cu.5232_B20210713 keessatti argameera. Miidhamni argame is hojii setLanguageCfg faayilii /cgi-bin/cstecgi.cgi keessa. Wanti jijjiirame irratti LangType gara ବଫର୍ ଓଭରଫ୍ଲୋ geessa. Rakkoo ibsuuf CWE yoo fayyadamte gara CWE-121 si geessa. Odeeffannoon kun yeroo 06/04/2025 maxxanfameera. Odeeffannoon kun buufachuuf kn0sinna.notion.site irratti argama. Dogoggorri kun CVE-2025-5600 jedhamee waamama. Weerara fageenya irraa jalqabuu ni danda'ama. Ibsa teeknikaa ni jira. Waan dabalataa ta’een, meeshaa balaa kana fayyadamuuf ni jira. Qorannoo miidhaa (exploit) uummataaf ifa taasifameera, kanaafis fayyadamuu ni danda'ama. Ammas, gatii exploit might be approx. USD $0-$5k yeroo ammaa irratti argamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ ta’uu isaa ibsameera. Exploit kn0sinna.notion.site irraa buufachuun ni danda'ama. Akka 0-daytti, gatiin isaa daldala dhoksaa keessatti $0-$5k akka ta'e tilmaamameera. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

3 ଆଡାପ୍ଟେସନ୍ · 88 ପଏଣ୍ଟ

ଫିଲ୍ଡସୃଷ୍ଟି ହୋଇଛି
06/04/2025 12:22 PM		ଅଦ୍ୟତନ 1/2
06/04/2025 09:26 PM		ଅଦ୍ୟତନ 2/2
06/06/2025 09:46 AM
software_vendorTOTOLINKTOTOLINKTOTOLINK
software_nameEX1200TEX1200TEX1200T
software_version4.1.2cu.5232_B202107134.1.2cu.5232_B202107134.1.2cu.5232_B20210713
software_file/cgi-bin/cstecgi.cgi/cgi-bin/cstecgi.cgi/cgi-bin/cstecgi.cgi
software_functionsetLanguageCfgsetLanguageCfgsetLanguageCfg
software_argumentLangTypeLangTypeLangType
vulnerability_cweCWE-121 (ବଫର୍ ଓଭରଫ୍ଲୋ)CWE-121 (ବଫର୍ ଓଭରଫ୍ଲୋ)CWE-121 (ବଫର୍ ଓଭରଫ୍ଲୋ)
vulnerability_risk222
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cHHH
cvss3_vuldb_iHHH
cvss3_vuldb_aHHH
cvss3_vuldb_ePPP
cvss3_vuldb_rcRRR
advisory_urlhttps://kn0sinna.notion.site/TOTOLINK-EX1200T-stack-based-BufferOverflow-vulnerability-204b1876cd6e80709ce8dab4778dce55https://kn0sinna.notion.site/TOTOLINK-EX1200T-stack-based-BufferOverflow-vulnerability-204b1876cd6e80709ce8dab4778dce55https://kn0sinna.notion.site/TOTOLINK-EX1200T-stack-based-BufferOverflow-vulnerability-204b1876cd6e80709ce8dab4778dce55
exploit_availability111
exploit_publicity111
exploit_urlhttps://kn0sinna.notion.site/TOTOLINK-EX1200T-stack-based-BufferOverflow-vulnerability-204b1876cd6e80709ce8dab4778dce55https://kn0sinna.notion.site/TOTOLINK-EX1200T-stack-based-BufferOverflow-vulnerability-204b1876cd6e80709ce8dab4778dce55https://kn0sinna.notion.site/TOTOLINK-EX1200T-stack-based-BufferOverflow-vulnerability-204b1876cd6e80709ce8dab4778dce55
source_cveCVE-2025-5600CVE-2025-5600CVE-2025-5600
cna_responsibleVulDBVulDBVulDB
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciCCC
cvss2_vuldb_iiCCC
cvss2_vuldb_aiCCC
cvss2_vuldb_ePOCPOCPOC
cvss2_vuldb_rcURURUR
cvss4_vuldb_avNNN
cvss4_vuldb_acLLL
cvss4_vuldb_prNNN
cvss4_vuldb_uiNNN
cvss4_vuldb_vcHHH
cvss4_vuldb_viHHH
cvss4_vuldb_vaHHH
cvss4_vuldb_ePPP
cvss2_vuldb_rlNDNDND
cvss3_vuldb_rlXXX
cvss4_vuldb_atNNN
cvss4_vuldb_scNNN
cvss4_vuldb_siNNN
cvss4_vuldb_saNNN
cvss2_vuldb_basescore10.010.010.0
cvss2_vuldb_tempscore8.68.68.6
cvss3_vuldb_basescore9.89.89.8
cvss3_vuldb_tempscore8.98.98.9
cvss3_meta_basescore9.89.89.8
cvss3_meta_tempscore8.98.99.3
cvss4_vuldb_bscore9.39.39.3
cvss4_vuldb_btscore8.98.98.9
advisory_date1748988000 (06/04/2025)1748988000 (06/04/2025)1748988000 (06/04/2025)
price_0day$0-$5k$0-$5k$0-$5k
euvd_idEUVD-2025-16902EUVD-2025-16902
cve_nvd_summaryA vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument LangType leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
cve_nvd_summaryesSe ha detectado una vulnerabilidad clasificada como crítica en TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Este problema afecta a la función setLanguageCfg del archivo /cgi-bin/cstecgi.cgi. La manipulación del argumento LangType provoca un desbordamiento del búfer basado en la pila. El ataque puede ejecutarse en remoto. Se ha hecho público el exploit y puede que sea utilizado.
cvss4_cna_avN
cvss4_cna_acL
cvss4_cna_atN
cvss4_cna_prN
cvss4_cna_uiN
cvss4_cna_vcH
cvss4_cna_viH
cvss4_cna_vaH
cvss4_cna_scN
cvss4_cna_siN
cvss4_cna_saN
cvss4_cna_bscore9.3
cvss3_cna_avN
cvss3_cna_acL
cvss3_cna_prN
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cH
cvss3_cna_iH
cvss3_cna_aH
cvss3_cna_basescore9.8
cvss2_cna_avN
cvss2_cna_acL
cvss2_cna_auN
cvss2_cna_ciC
cvss2_cna_iiC
cvss2_cna_aiC
cvss2_cna_basescore10

ପଛକୁସମୀକ୍ଷାଆହୁରି ଦୂରରେ

Want to stay up to date on a daily basis?

Enable the mail alert feature now!