CVE-2025-6129
published 2025-06-16CVE-2025-6129: A vulnerability classified as critical was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This vulnerability affects unknown code of the file…
high7.4CVSS 4.0
AVNACLATNPRLUINVCHVIHVAHSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability classified as critical was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This vulnerability affects unknown code of the file /boafrm/formSaveConfig of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| msrc | azl3_cloud-hypervisor-cvm_38.0.72-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_cloud-hypervisor-cvm_38.0.72.2-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_edk2_20240524git3e722403cd16-8_on_azure_linux_3.0 | — | — |
| msrc | azl3_nodejs_20.10.0-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_nodejs_20.14.0-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_openssl_3.1.4-9_on_azure_linux_3.0 | — | — |
| msrc | azl3_openssl_3.3.0-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_qemu_8.2.0-16_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_cloud-hypervisor-cvm_38.0.72-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_cloud-hypervisor-cvm_38.0.72.2-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_hvloader_1.0.1-5_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_hvloader_1.0.1-6_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_nodejs18_18.18.2-7_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| totolink | ex1200t | — | — |
| totolink | ex1200t_firmware | — | — |