CVE-2025-8170 | TOTOLINK T6 4.1.5cu.748_B20211015 MQTT Packet /router/meshSlaveDlfw tcpcheck_net serverIp buffer overflow

Inserito da Angelo Barbosa | Lug 25, 2025 | CVE

A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748_B20211015. This vulnerability affects the function tcpcheck_net of the file /router/meshSlaveDlfw of the component MQTT Packet Handler. The manipulation of the argument serverIp leads to buffer overflow.

This vulnerability was named CVE-2025-8170. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-8170 | TOTOLINK T6 4.1.5cu.748_B20211015 MQTT Packet /router/meshSlaveDlfw tcpcheck_net serverIp buffer overflow

Post correlati

CVE-2025-21679 | Linux Kernel up to 6.12.10 get_canonical_dev_path null pointer dereference

CVE-2025-32918 | Checkmk up to 2.1.0/2.2.0p43/2.3.0p34/2.4.0p5 Autocomplete Endpoint delimiters

CVE-2025-1158 | ESAFENET CDG 5.6.3.154.205_20250114 addPolicyToSafetyGroup.jsp safetyGroupId sql injection

CVE-2024-12976 | CodeZips Hospital Management System 1.0 /staff.php tel sql injection