Sign-up

ID

VAR-202506-0804


CVE

CVE-2025-6138


TITLE

TOTOLINK  of  t10  Classic buffer overflow vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-007370

DESCRIPTION

A vulnerability classified as critical was found in TOTOLINK T10 4.1.8cu.5207. Affected by this vulnerability is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ssid5g leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. TOTOLINK of t10 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK T10 is a wireless network system router produced by China's TOTOLINK Electronics. The vulnerability is caused by the parameter ssid5g of the function setWizardCfg in the file /cgi-bin/cstecgi.cgi failing to correctly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack

Trust: 2.16

sources: NVD: CVE-2025-6138 // JVNDB: JVNDB-2025-007370 // CNVD: CNVD-2025-14269

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-14269

AFFECTED PRODUCTS

vendor:totolinkmodel:t10scope:eqversion:4.1.8cu.5207

Trust: 1.0

vendor:totolinkmodel:t10scope: - version: -

Trust: 0.8

vendor:totolinkmodel:t10scope:eqversion: -

Trust: 0.8

vendor:totolinkmodel:t10scope:eqversion:t10 firmware 4.1.8cu.5207

Trust: 0.8

vendor:totolinkmodel:t10 4.1.8cu.5207scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2025-14269 // JVNDB: JVNDB-2025-007370 // NVD: CVE-2025-6138

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-6138
value: HIGH

Trust: 1.0

OTHER: JVNDB-2025-007370
value: HIGH

Trust: 0.8

CNVD: CNVD-2025-14269
value: HIGH

Trust: 0.6

cna@vuldb.com: CVE-2025-6138
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

OTHER: JVNDB-2025-007370
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2025-14269
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2025-6138
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-007370
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-14269 // JVNDB: JVNDB-2025-007370 // NVD: CVE-2025-6138

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

problemtype:CWE-119

Trust: 1.0

problemtype:Buffer error (CWE-119) [ others ]

Trust: 0.8

problemtype: Classic buffer overflow (CWE-120) [ others ]

Trust: 0.8

problemtype: Classic buffer overflow (CWE-120) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-007370 // NVD: CVE-2025-6138

PATCH

title:Patch for TOTOLINK T10 setWizardCfg function buffer overflow vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/702361

Trust: 0.6

sources: CNVD: CNVD-2025-14269

EXTERNAL IDS

db:NVDid:CVE-2025-6138

Trust: 3.2

db:VULDBid:312607

Trust: 1.8

db:JVNDBid:JVNDB-2025-007370

Trust: 0.8

db:CNVDid:CNVD-2025-14269

Trust: 0.6

sources: CNVD: CNVD-2025-14269 // JVNDB: JVNDB-2025-007370 // NVD: CVE-2025-6138

REFERENCES

url:https://candle-throne-f75.notion.site/totolink-t10-setwizardcfg-20ddf0aa1185808892f1dbbf63e6a153?pvs=73

Trust: 2.4

url:https://vuldb.com/?id.312607

Trust: 1.8

url:https://vuldb.com/?submit.592917

Trust: 1.8

url:https://www.totolink.net/

Trust: 1.8

url:https://candle-throne-f75.notion.site/totolink-t10-setwizardcfg-20ddf0aa1185808892f1dbbf63e6a153

Trust: 1.8

url:https://vuldb.com/?ctiid.312607

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2025-6138

Trust: 0.8

sources: CNVD: CNVD-2025-14269 // JVNDB: JVNDB-2025-007370 // NVD: CVE-2025-6138

SOURCES

db:CNVDid:CNVD-2025-14269
db:JVNDBid:JVNDB-2025-007370
db:NVDid:CVE-2025-6138

LAST UPDATE DATE

2025-07-01T23:16:14.217000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-14269date:2025-06-30T00:00:00
db:JVNDBid:JVNDB-2025-007370date:2025-06-23T06:05:00
db:NVDid:CVE-2025-6138date:2025-06-20T14:34:32.397

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-14269date:2025-06-26T00:00:00
db:JVNDBid:JVNDB-2025-007370date:2025-06-23T00:00:00
db:NVDid:CVE-2025-6138date:2025-06-16T21:15:24.323