{"id":64766,"date":"2025-06-10T04:32:38","date_gmt":"2025-06-10T01:02:38","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-5903-totolink-t10-buffer-overflow-in-post-request-handler\/"},"modified":"2025-06-10T04:32:38","modified_gmt":"2025-06-10T01:02:38","slug":"cve-2025-5903-totolink-t10-buffer-overflow-in-post-request-handler","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-5903-totolink-t10-buffer-overflow-in-post-request-handler\/","title":{"rendered":"CVE-2025-5903 &#8211; TOTOLINK T10 Buffer Overflow in POST Request Handler"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-5903<br \/>\n<br \/>\n<strong>Published : <\/strong> June 10, 2025, 12:15 a.m. | 44\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been classified as critical. Affected is the function setWiFiAclRules of the file \/cgi-bin\/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument desc leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 8.8 | HIGH<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-5903 Published : June 10, 2025, 12:15 a.m. | 44\u00a0minutes ago Description : A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been classified as critical. Affected is the function setWiFiAclRules of the file \/cgi-bin\/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument desc leads to buffer overflow. &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-64766","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/64766","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=64766"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/64766\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=64766"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=64766"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=64766"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}