CVE-2025-2097 | TOTOLINK EX1800T 9.1.0cu.2112_B20220316 /cgi-bin/cstecgi.cgi setRptWizardCfg loginpass stack-based overflow

Inserito da Angelo Barbosa | Mar 7, 2025 | CVE

A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This issue affects the function setRptWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument loginpass leads to stack-based buffer overflow.

The identification of this vulnerability is CVE-2025-2097. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-2097 | TOTOLINK EX1800T 9.1.0cu.2112_B20220316 /cgi-bin/cstecgi.cgi setRptWizardCfg loginpass stack-based overflow

Post correlati

CVE-2024-27847 | Apple iOS/iPadOS up to 17.4 App access control (HT214101)

CVE-2024-8163 | Chengdu Everbrite Network Technology BeikeShop up to 1.5.5 files destroyFiles path traversal

CVE-2023-44383 | October CMS up to 3.5.1 Media Manager cross site scripting (GHSA-rvx8-p3xp-fj3p)

CVE-2024-31899 | IBM Cognos Command Center 10.2.4.1/10.2.5 credentials storage