Unrated severityNVD Advisory· Published Jul 20, 2025· Updated Jul 21, 2025

TOTOLINK T6 MQTT Service recvSlaveUpgstatus buffer overflow

CVE-2025-7912

Description

A vulnerability, which was classified as critical, has been found in TOTOLINK T6 4.1.5cu.748_B20211015. This issue affects the function recvSlaveUpgstatus of the component MQTT Service. The manipulation of the argument s leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Affected products

EKEN/T6llm-fuzzy
Range: = 4.1.5cu.748_B20211015
TOTOLINK/T6v5
Range: 4.1.5cu.748_B20211015

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/AnduinBrian/Public/blob/main/Totolink%20T6/Vuln/6.mdmitreexploit
vuldb.commitrethird-party-advisory
github.com/AnduinBrian/Public/blob/main/Totolink%20T6/Vuln/6.mdmitrerelated
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entrytechnical-description
www.totolink.netmitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000