Listen to this Post
How the CVE Works
The vulnerability in TOTOLINK EX1200T (up to version 4.1.2cu.5232_B20210713) resides in the `/boafrm/formReflashClientTbl` endpoint, which handles HTTP POST requests. Due to insufficient input validation, a buffer overflow occurs when excessively long data is sent in the request. Attackers can exploit this remotely to execute arbitrary code or crash the device. The flaw stems from improper bounds checking in the firmware’s request handler, allowing overwriting of adjacent memory. Publicly disclosed exploits leverage crafted POST requests to trigger the overflow.
DailyCVE Form
Platform: TOTOLINK EX1200T
Version: ≤4.1.2cu.5232_B20210713
Vulnerability: Buffer Overflow
Severity: Critical
Date: 06/09/2025
Prediction: Patch by 08/2025
What Undercode Say
curl -X POST -d "payload=$(python -c 'print("A"1000)')" http://target/boafrm/formReflashClientTbl
import requests
requests.post("http://target/boafrm/formReflashClientTbl", data={"data": "A"1024})
How Exploit
Crafted HTTP POST request to `/boafrm/formReflashClientTbl` with oversized payload triggers overflow.
Protection from this CVE
Update firmware.
Disable remote management.
Impact
RCE, DoS.
Sources:
Reported By: nvd.nist.gov
Extra Source Hub:
Undercode
