CVE-2025-7912
Published: 20 July 2025
Summary
CVE-2025-7912 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Totolink T6 Firmware. Its CVSS base score is 7.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 19.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
A critical buffer overflow vulnerability designated CVE-2025-7912 affects the TOTOLINK T6 router running firmware version 4.1.5cu.748_B20211015. The flaw resides in the recvSlaveUpgstatus function of the MQTT service, where improper handling of the argument s permits an out-of-bounds write, classified under CWE-119 and CWE-120. The issue received a CVSS 4.0 score of 7.4 reflecting network attack vector, low complexity, and high impact on confidentiality, integrity, and availability.
An authenticated remote attacker can supply a crafted MQTT message to trigger the overflow, potentially achieving arbitrary code execution or denial of service on the device. Public proof-of-concept code has been released, confirming that exploitation requires only low-privileged network access without user interaction.
The associated EPSS score remains low at approximately 0.0136 with negligible movement from its recorded peak, indicating limited observed exploitation interest to date. Available references consist of disclosure entries and a public PoC repository but do not include vendor patch details or official mitigation guidance.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-22043
Vulnerability details
A vulnerability, which was classified as critical, has been found in TOTOLINK T6 4.1.5cu.748_B20211015. This issue affects the function recvSlaveUpgstatus of the component MQTT Service. The manipulation of the argument s leads to buffer overflow. The attack may be initiated…
more
remotely. The exploit has been disclosed to the public and may be used.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in exposed MQTT service enables remote code execution from low-priv network access (T1190/T1210) and achieves privilege escalation to full device control (T1068).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly validates crafted inputs like the 's' argument to the recvSlaveUpgstatus function in the MQTT Service, preventing buffer overflow exploitation.
Enforces memory protections such as address space layout randomization and stack guards to mitigate unauthorized code execution from buffer overflows in the MQTT Service.
Requires identification, reporting, and patching of the specific buffer overflow flaw in TOTOLINK T6 firmware version 4.1.5cu.748_B20211015.