Cyber Resilience

CVE-2025-7912

HighPublic PoC

Published: 20 July 2025

Published
20 July 2025
Modified
23 July 2025
KEV Added
Patch
CVSS Score v4 7.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0136 80.6th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-7912 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Totolink T6 Firmware. Its CVSS base score is 7.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 19.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

A critical buffer overflow vulnerability designated CVE-2025-7912 affects the TOTOLINK T6 router running firmware version 4.1.5cu.748_B20211015. The flaw resides in the recvSlaveUpgstatus function of the MQTT service, where improper handling of the argument s permits an out-of-bounds write, classified under CWE-119 and CWE-120. The issue received a CVSS 4.0 score of 7.4 reflecting network attack vector, low complexity, and high impact on confidentiality, integrity, and availability.

An authenticated remote attacker can supply a crafted MQTT message to trigger the overflow, potentially achieving arbitrary code execution or denial of service on the device. Public proof-of-concept code has been released, confirming that exploitation requires only low-privileged network access without user interaction.

The associated EPSS score remains low at approximately 0.0136 with negligible movement from its recorded peak, indicating limited observed exploitation interest to date. Available references consist of disclosure entries and a public PoC repository but do not include vendor patch details or official mitigation guidance.

EU & UK References

Vulnerability details

A vulnerability, which was classified as critical, has been found in TOTOLINK T6 4.1.5cu.748_B20211015. This issue affects the function recvSlaveUpgstatus of the component MQTT Service. The manipulation of the argument s leads to buffer overflow. The attack may be initiated…

more

remotely. The exploit has been disclosed to the public and may be used.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Buffer overflow in exposed MQTT service enables remote code execution from low-priv network access (T1190/T1210) and achieves privilege escalation to full device control (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-8170Same product: Totolink T6
CVE-2025-7913Same product: Totolink T6
CVE-2025-7460Same product: Totolink T6
CVE-2025-7758Same product: Totolink T6
CVE-2025-7837Same product: Totolink T6
CVE-2025-7862Same product: Totolink T6
CVE-2025-7614Same product: Totolink T6
CVE-2025-7524Same product: Totolink T6
CVE-2025-7952Same product: Totolink T6
CVE-2025-7613Same product: Totolink T6

Affected Assets

totolink
t6 firmware
v4.1.5cu.748_b20211015

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly validates crafted inputs like the 's' argument to the recvSlaveUpgstatus function in the MQTT Service, preventing buffer overflow exploitation.

prevent

Enforces memory protections such as address space layout randomization and stack guards to mitigate unauthorized code execution from buffer overflows in the MQTT Service.

prevent

Requires identification, reporting, and patching of the specific buffer overflow flaw in TOTOLINK T6 firmware version 4.1.5cu.748_B20211015.

References