Totolink Ex1200t Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Totolink Ex1200t Firmware.
By the Year
In 2026 there have been 0 vulnerabilities in Totolink Ex1200t Firmware. Last year, in 2025 Ex1200t Firmware had 21 security vulnerabilities published. Right now, Ex1200t Firmware is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 21 | 8.47 |
| 2024 | 1 | 9.80 |
It may take a day or so for new Ex1200t Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Totolink Ex1200t Firmware Security Vulnerabilities
TOTOLINK EX1200T 4.1.2cu.5215 Auth Bypass via formLoginAuth.htm
CVE-2025-51451
9.8 - Critical
- August 13, 2025
In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm.
TOTOLINK EX1200T 4.1.2cu.5232_B20210713 HTTP POST Buffer Overflow
CVE-2025-6568
8.8 - High
- June 24, 2025
A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Classic Buffer Overflow
TOTOLINK EX1200T 4.1.2cu.5232_B20210713 HTTP POST Handler buf overflow
CVE-2025-6336
6.5 - Medium
- June 20, 2025
A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Classic Buffer Overflow
TOTOLINK EX1200T 4.1.2cu.5232_B20210713: Buffer Overflow in setStaticDhcpConfig (Comment)
CVE-2025-6302
8.8 - High
- June 20, 2025
A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is the function setStaticDhcpConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Comment leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
TOTOLINK EX1200T 4.1.2cu.5232_B20210713 POST Handler BufOverflow via submit-url
CVE-2025-6162
8.8 - High
- June 17, 2025
A vulnerability has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
TOTOLINK EX120T 4.1.2cu Buffer Overflow via submit-url (HTTP POST Handler)
CVE-2025-6143
8.8 - High
- June 16, 2025
A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
TOTOLINK EX1200T 4.1.2cu.5232 buffer overflow via HTTP POST submit-url
CVE-2025-6144
8.8 - High
- June 16, 2025
A vulnerability has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formSysCmd of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
Critical Buffer Overflow in TOTOLINK EX1200T 4.1.2cu.5232 HTTP POST submit-url
CVE-2025-6145
8.8 - High
- June 16, 2025
A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
TOTOLINK EX1200T 4.1.2cu buffer overflow via /boafrm/formStats
CVE-2025-6130
8.8 - High
- June 16, 2025
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Classic Buffer Overflow
TOTOLINK EX1200T 4.1.2cu.5232 buffer overflow via HTTP POST submit-url
CVE-2025-6128
8.8 - High
- June 16, 2025
A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This affects an unknown part of the file /boafrm/formWirelessTbl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
TOTOLINK EX1200T 4.1.2cu.5232_B20210713: HTTP POST Buffer Overflow
CVE-2025-6129
8.8 - High
- June 16, 2025
A vulnerability classified as critical was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This vulnerability affects unknown code of the file /boafrm/formSaveConfig of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
TOTOLINK EX1200T /boafrm/formWsc HTTP POST Buffer Overflow – pre-4.1.2cu.5232
CVE-2025-5910
8.8 - High
- June 10, 2025
A vulnerability has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWsc of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Classic Buffer Overflow
TOTOLINK EX1200T: buffer overflow in HTTP POST Handler (up to 4.1.2cu.5232_B20210713)
CVE-2025-5911
8.8 - High
- June 10, 2025
A vulnerability was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Classic Buffer Overflow
TOTOLINK EX1200T 4.1.2cu.5232 B20210713 HTTP POST buffer overflow
CVE-2025-5909
8.8 - High
- June 10, 2025
A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Classic Buffer Overflow
TOTOLINK EX1200T <=4.1.2cu.5232_B20210713 HTTP POST overflow
CVE-2025-5907
8.8 - High
- June 10, 2025
A vulnerability classified as critical was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Classic Buffer Overflow
TOTOLINK EX1200T 4.1.2cu Buffer Overflow in HTTP POST Handler
CVE-2025-5908
8.8 - High
- June 10, 2025
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Classic Buffer Overflow
Buffer Overflow in TOTOLINK EX1200T 4.1.2cu.5232 HTTP POST Handler
CVE-2025-5792
6.5 - Medium
- June 06, 2025
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
TOTOLINK EX1200T 4.1.2cu bf via service_type in /boafrm/formPortFw (HTTP POST)
CVE-2025-5793
6.5 - Medium
- June 06, 2025
A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
Stack Overflow in TOTOLINK EX1200T 4.1.2c setLanguageCfg Remote CVE-2025-5600
CVE-2025-5600
- June 04, 2025
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument LangType leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Memory Corruption
Pre-auth RCE in TOTOLINK EX1200T V4.1.2cu.5232 via setUpgradeFW
CVE-2025-28039
- April 22, 2025
TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter.
TOTOLINK EX1200T 4.1.2cu.5232_B20210713: Pre-auth RCE via setWebWlanIdx
CVE-2025-28038
- April 22, 2025
TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter.
TOTOlink EX1200T V4.1.2cu RCE via main
CVE-2023-52032
9.8 - Critical
- January 11, 2024
TOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to contain a remote command execution (RCE) vulnerability via the "main" function.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Totolink Ex1200t Firmware or by Totolink? Click the Watch button to subscribe.
