CVE-2025-14105 | TOZED ZLT M30S/ZLT M30S PRO 1.47/3.09.06 Web Interface /reqproc/proc_post goformId denial of service

December 5, 2025 Yanac

A vulnerability described as problematic has been identified in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. This impacts an unknown function of the file /reqproc/proc_post of the component Web Interface. Executing manipulation of the argument goformId with the input REBOOT_DEVICE can lead to denial of service.

This vulnerability is handled as CVE-2025-14105. The attack can only be done within the local network. Additionally, an exploit exists.VulDB Recent EntriesRead More