CVE-2025-12917
5.3
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
Summary
A vulnerability was identified in TOZED ZLT T10 T10PLUS_3.04.15. The affected element is an unknown function of the file /reqproc/proc_post of the component Reboot Handler. Such manipulation leads to denial of service. Access to the local network is required for this attack to succeed. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| TOZED | ZLT T10 | T10PLUS_3.04.15 | affected |
Weaknesses
- CWE-404: Denial of Service
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
Additional References
References
- https://vuldb.com/?id.331635
- https://vuldb.com/?ctiid.331635
- https://vuldb.com/?submit.679507
- https://youtu.be/3Me3wlH5cfU
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.