CVE-2025-7077 | Shenzhen Libituo Technology LBT-T300-T310 up to 2.2.3.6 /appy.cgi config_3g_para username_3g/password_3g buffer overflow

A vulnerability classified as critical has been found in Shenzhen Libituo Technology LBT-T300-T310 up to 2.2.3.6. This affects the function config_3g_para of the file /appy.cgi. The manipulation of the argument username_3g/password_3g leads to buffer overflow.

This vulnerability is uniquely identified as CVE-2025-7077. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-7077 | Shenzhen Libituo Technology LBT-T300-T310 up to 2.2.3.6 /appy.cgi config_3g_para username_3g/password_3g buffer overflow

Post correlati

CVE-2024-55058 | PHPGurukul Online Birth Certificate System 1.0 view-application-detail.php viewid resource injection

CVE-2024-38496 | Broadcom Symantec Privileged Access Management up to 3.4.6/4.1.7 PAM access control

CVE-2023-43608 | Buildroot 2023.08.1/622698d7847 code download (TALOS-2023-1845)

CVE-2025-45751 | SourceCodester Web-based Pharmacy Product Management System 1.0 add-admin.php Fullname cross site scripting