CVE-2025-12241 | TOTOLINK A3300R 17.0.0cu.557_B20221024 POST Parameter /cgi-bin/cstecgi.cgi setLanguageCfg lang stack-based overflow

Inserito da Angelo Barbosa | Ott 25, 2025 | CVE

A vulnerability classified as critical was found in TOTOLINK A3300R 17.0.0cu.557_B20221024. This impacts the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. The manipulation of the argument lang results in stack-based buffer overflow.

This vulnerability is known as CVE-2025-12241. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2025-12241 | TOTOLINK A3300R 17.0.0cu.557_B20221024 POST Parameter /cgi-bin/cstecgi.cgi setLanguageCfg lang stack-based overflow

Post correlati

CVE-2025-36636 | Tenable Security Center up to 6.6.x access control

CVE-2023-24010 | eProsima DDS PKCS7_verify signature verification

CVE-2024-54275 | Wibergs Web CSV to HTML Plugin up to 3.04 on WordPress cross site scripting

CVE-2024-1175 | WP-Recall Plugin up to 16.26.6 on WordPress delete_payment improper authentication