CVE-2025-8170 TOTOLINK T6 MQTT Packet meshSlaveDlfw tcpcheck_net buffer overflow

July 25, 2025 invoker category_cve

CVE Details

Basic Information

Title CVE-2025-8170 TOTOLINK T6 MQTT Packet meshSlaveDlfw tcpcheck_net buffer overflow
Type cve
Published 2025-07-25T21:02:07
Last Seen 2025-07-25T21:11:31
Modified 2025-07-25T21:02:07

CVSS Information

Base Score 8.8 (HIGH)
Attack Vector AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH

AI Analysis

AI Description A critical buffer overflow vulnerability in the MQTT Packet Handler of TOTOLINK T6 version 4.1.5 allows remote attackers to execute arbitrary code via the tcpcheck_net function.
AI Severity Critical
AI Vendor TOTOLINK
AI Product TOTOLINK T6
AI Version 4.1.5

Additional Information

CVE List CVE-2025-8170
CWE List CWE-120, CWE-119
Bulletin Family cve

Description

A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748_B20211015. This vulnerability affects the function tcpcheck_net of the file /router/meshSlaveDlfw of the component MQTT Packet Handler. The manipulation of the argument serverIp…

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.