Sign-up

ID

VAR-202510-2241


CVE

CVE-2025-12240


TITLE

TOTOLINK A3300R cstecgi.cgi file buffer overflow vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-27573

DESCRIPTION

A security vulnerability has been detected in TOTOLINK A3300R 17.0.0cu.557_B20221024. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The TOTOLINK A3300R is a dual-band wireless router manufactured by TOTOLINK Electronics Co., Ltd. in China, primarily used in home and small network environments. This vulnerability stems from the fact that the parameter `ip` in the function `setDmzCfg` in the file `/cgi-bin/cstecgi.cgi` fails to properly validate the length of the input data. Attackers could exploit this vulnerability to execute arbitrary code on the system or cause a denial-of-service attack

Trust: 1.44

sources: NVD: CVE-2025-12240 // CNVD: CNVD-2025-27573

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-27573

AFFECTED PRODUCTS

vendor:totolinkmodel:a3300rscope:eqversion:17.0.0cu.557_b20221024

Trust: 1.0

vendor:totolinkmodel:a3300r 17.0.0cu.557 b20221024scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2025-27573 // NVD: CVE-2025-12240

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-12240
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2025-12240
value: CRITICAL

Trust: 1.0

CNVD: CNVD-2025-27573
value: HIGH

Trust: 0.6

cna@vuldb.com: CVE-2025-12240
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2025-27573
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2025-12240
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2025-12240
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2025-27573 // NVD: CVE-2025-12240 // NVD: CVE-2025-12240

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

problemtype:CWE-119

Trust: 1.0

sources: NVD: CVE-2025-12240

PATCH

title:Patch for TOTOLINK A3300R cstecgi.cgi file buffer overflow vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/752081

Trust: 0.6

sources: CNVD: CNVD-2025-27573

EXTERNAL IDS

db:NVDid:CVE-2025-12240

Trust: 1.6

db:VULDBid:329910

Trust: 1.0

db:CNVDid:CNVD-2025-27573

Trust: 0.6

sources: CNVD: CNVD-2025-27573 // NVD: CVE-2025-12240

REFERENCES

url:https://github.com/noahze01/iot-vulnerable/blob/main/totolink/a3300r/setdmzcfg.md

Trust: 1.6

url:https://vuldb.com/?submit.673722

Trust: 1.0

url:https://www.totolink.net/

Trust: 1.0

url:https://vuldb.com/?id.329910

Trust: 1.0

url:https://vuldb.com/?ctiid.329910

Trust: 1.0

sources: CNVD: CNVD-2025-27573 // NVD: CVE-2025-12240

SOURCES

db:CNVDid:CNVD-2025-27573
db:NVDid:CVE-2025-12240

LAST UPDATE DATE

2025-11-19T19:40:47.132000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-27573date:2025-11-11T00:00:00
db:NVDid:CVE-2025-12240date:2025-10-27T17:58:43.920

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-27573date:2025-11-10T00:00:00
db:NVDid:CVE-2025-12240date:2025-10-27T07:15:39.633