CVE-2025-7077
BaseFortify
Publication date: 2025-07-06
Last updated on: 2025-08-20
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| szlbt | lbt-t300-t310_firmware | to 2.2.3.6 (inc) |
| szlbt | lbt-t300-t310 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a critical buffer overflow found in Shenzhen Libituo Technology's LBT-T300-T310 devices (firmware up to version 2.2.3.6). It occurs in the function config_3g_para within the /appy.cgi file, where improper handling of the username_3g and password_3g parameters allows an attacker to overflow a buffer. This happens because the device copies input data into an output buffer without checking if the input size fits, leading to a classic buffer overflow issue (CWE-120). The vulnerability can be exploited remotely without authentication. [1, 2]
How can this vulnerability impact me? :
Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause a denial of service on the affected device. It impacts the confidentiality, integrity, and availability of the device, potentially allowing remote attackers to take control or disrupt its operation. The exploit is publicly available and considered easy to execute, with no known patches or mitigations currently provided by the vendor. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring network traffic for requests to the /appy.cgi endpoint with unusually long or malformed parameters username_3g or password_3g, which may indicate attempts to exploit the buffer overflow. Since the exploit is publicly available, you can use tools like curl or wget to send crafted requests to test the presence of the vulnerability. For example, a command like: curl -X POST 'http://<device-ip>/appy.cgi' -d 'username_3g=<long_string>&password_3g=<long_string>' can be used to check if the device responds abnormally or crashes. Additionally, network intrusion detection systems (NIDS) can be configured to alert on such suspicious requests targeting /appy.cgi with these parameters. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include isolating the affected devices from untrusted networks to prevent remote exploitation, disabling remote access to the /appy.cgi endpoint if possible, and monitoring for any suspicious activity targeting this endpoint. Since no patches or vendor mitigations are available, it is strongly recommended to replace the affected Shenzhen Libituo Technology LBT-T300-T310 devices running firmware up to 2.2.3.6 with alternative devices that are not vulnerable. [2]