Listen to this Post
How the CVE Works
The vulnerability in TOTOLINK EX1200T (firmware 4.1.2cu.5232_B20210713) stems from improper handling of HTTP POST requests in the `/boafrm/formMultiAP` component. Attackers can exploit this by sending a crafted request with an oversized `submit-url` argument, triggering a buffer overflow. Due to insufficient bounds checking, this allows remote code execution (RCE) with elevated privileges. The exploit is network-accessible without authentication, making it highly critical.
DailyCVE Form
Platform: TOTOLINK EX1200T
Version: 4.1.2cu.5232_B20210713
Vulnerability: Buffer Overflow
Severity: Critical
Date: 06/23/2025
Prediction: Patch by 08/2025
What Undercode Say
curl -X POST -d "submit-url=$(python -c 'print("A"1000)')" http://target/boafrm/formMultiAP
import requests
requests.post("http://target/boafrm/formMultiAP", data={"submit-url": "A"1000})
How Exploit
1. Craft oversized `submit-url` payload.
2. Send via HTTP POST to `/boafrm/formMultiAP`.
3. Overflow triggers RCE.
Protection from this CVE
- Apply vendor patch.
- Disable remote management.
- Use network segmentation.
Impact
- Remote code execution.
- Full device compromise.
- Unauthorized access.
Sources:
Reported By: nvd.nist.gov
Extra Source Hub:
Undercode
