CNNVD-202512-3802 Information
CNNVD ID
CNNVD-202512-3802
Related CVE
- CNNVD Published: 2025-12-19
Description (Chinese)
TOTOLINK T10是中国吉翁电子(TOTOLINK)公司的一款无线网路系统路由器。 TOTOLINK T10 4.1.8cu.5083_B20200521版本存在安全漏洞,该漏洞源于文件/cgi-bin/cstecgi.cgi中sprintf函数对参数loginAuthUrl处理不当,可能导致栈缓冲区溢出。
Description (English)
TOTOLINK T10 is a wireless network router of the Chinese company TOTOLINK. There is a security loophole in TOTOLINK T10 4.1.8cu.5083 B20200521, which stems from the inappropriate handling of parameters in the sprintf function in document/cgi-bin/cstecgi.cgi for loginAuthUrl, which may result in spilling out of the fence.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
吉翁电子
Published
2025-12-19
Last Modified
2026-02-24
References
https://github.com/JackWesleyy/CVE/blob/main/TOTOLINK_T10_BOC.md https://vuldb.com/?ctiid.337599 https://vuldb.com/?id.337599 https://vuldb.com/?submit.717720 https://www.totolink.net/ https://access.redhat.com/security/cve/cve-2025-14964
Patch
https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/172/ids/36.html
Share on: