CNNVD-202507-588 Information

Jul 06, 2025 cve

CNNVD ID

CNNVD-202507-588

CVE-2025-7077

CNNVD Published: 2025-07-06

Description (Chinese)

Shenzhen Libituo Technology LBT-T300-T310是中国力必拓科技（Shenzhen Libituo Technology）公司的一款工业路由器。 Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6及之前版本存在安全漏洞，该漏洞源于文件/appy.cgi中参数username_3g/password_3g的错误操作导致缓冲区溢出。

Description (English)

Shenzhen Libituo Technology LBT-T300-T310 is an industrial router of Shenzhen Libituo Technology. There is a security loophole in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6 and previous versions, which stems from the error of the parameter username 3g/password 3g in the document/appy.cgi, which caused the buffer zone to spill.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

神州讯盟

Published

2025-07-06

Last Modified

2026-02-24

References

https://vuldb.com/?id.314991 https://vuldb.com/?submit.603012 https://vuldb.com/?ctiid.314991 https://github.com/FLY200503/IoT-vul/tree/master/LBT-T300 https://nvd.nist.gov/vuln/detail/CVE-2025-7077 https://access.redhat.com/security/cve/cve-2025-7077

Share on: