CVE-2025-5875

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-5875
A vulnerability classified as critical has been found in TP-LINK Technologies TL-IPC544EP-W4 1.0.9 Build 240428 Rel 69493n. Affected is the function sub_69064 of the file /bin/main. The manipulation of the argument text leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS

No CVSS.

References
Link Resource
https://locrian-lightning-dc7.notion.site/TL-IPC544EP-W4-1f98e5e2b1a280ae9862d49391d95651 Exploit Third Party Advisory
https://locrian-lightning-dc7.notion.site/TL-IPC544EP-W4-1f98e5e2b1a280ae9862d49391d95651 Exploit Third Party Advisory
https://vuldb.com/?ctiid.311634 Permissions Required VDB Entry
https://vuldb.com/?id.311634 Third Party Advisory VDB Entry
https://vuldb.com/?submit.581366 Third Party Advisory VDB Entry
https://www.tp-link.cn/ Broken Link
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tp-link:tl-ipc544ep-w4_firmware:1.0.9:build240428_rel69493n:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-ipc544ep-w4:-:*:*:*:*:*:*:*
History

23 Jun 2025, 14:21

Type Values Removed Values Added
CPE cpe:2.3:o:tp-link:tl-ipc544ep-w4_firmware:1.0.9:build240428_rel69493n:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-ipc544ep-w4:-:*:*:*:*:*:*:*
CWE CWE-120
First Time Tp-link tl-ipc544ep-w4
Tp-link tl-ipc544ep-w4 Firmware
Tp-link
References () https://vuldb.com/?submit.581366 - () https://vuldb.com/?submit.581366 - Third Party Advisory, VDB Entry
References () https://vuldb.com/?id.311634 - () https://vuldb.com/?id.311634 - Third Party Advisory, VDB Entry
References () https://locrian-lightning-dc7.notion.site/TL-IPC544EP-W4-1f98e5e2b1a280ae9862d49391d95651 - () https://locrian-lightning-dc7.notion.site/TL-IPC544EP-W4-1f98e5e2b1a280ae9862d49391d95651 - Exploit, Third Party Advisory
References () https://www.tp-link.cn/ - () https://www.tp-link.cn/ - Broken Link
References () https://vuldb.com/?ctiid.311634 - () https://vuldb.com/?ctiid.311634 - Permissions Required, VDB Entry

12 Jun 2025, 19:15

Type Values Removed Values Added
References
  • {'url': 'https://www.tp-link.com/', 'name': 'https://www.tp-link.com/', 'tags': [], 'refsource': ''}
  • () https://www.tp-link.cn/ -
References () https://vuldb.com/?id.311634 - () https://vuldb.com/?id.311634 -
Summary A vulnerability classified as critical has been found in TP-Link TL-IPC544EP-W4 1.0.9 Build 240428 Rel 69493n. Affected is the function sub_69064 of the file /bin/main. The manipulation of the argument text leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. A vulnerability classified as critical has been found in TP-LINK Technologies TL-IPC544EP-W4 1.0.9 Build 240428 Rel 69493n. Affected is the function sub_69064 of the file /bin/main. The manipulation of the argument text leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

09 Jun 2025, 13:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-09 12:15

Updated : 2025-06-23 14:21

NVD link : CVE-2025-5875

Mitre link : CVE-2025-5875

JSON object : View

Products Affected

tp-link

  • tl-ipc544ep-w4
  • tl-ipc544ep-w4_firmware
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')