CVE-2025-6137 | TOTOLINK T10 4.1.8cu.5207 HTTP POST Request /cgi-bin/cstecgi.cgi setWiFiScheduleCfg desc buffer overflow

A vulnerability classified as critical has been found in TOTOLINK T10 4.1.8cu.5207. Affected is the function setWiFiScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument desc leads to buffer overflow.

This vulnerability is traded as CVE-2025-6137. It is possible to launch the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More