High severity8.8NVD Advisory· Published Jun 10, 2025· Updated Jun 17, 2026
CVE-2025-5903
CVE-2025-5903
Description
A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been classified as critical. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument desc leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Affected products
2Patches
Vulnerability mechanics
References
5- candle-throne-f75.notion.site/TOTOLINK-T10-setWiFiAclRules-20bdf0aa118580399a8df6ba2a44c197nvdExploitThird Party Advisory
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdPermissions RequiredVDB Entry
- www.totolink.netnvdProduct
News mentions
0No linked articles in our index yet.