What is CVE-2025-5105?

CVE-2025-5105 is a high-severity vulnerability in Tozed Zlt W51, classified under CWE-244. CVSS score: 7.3/10. Published 2025-05-23.

How severe is CVE-2025-5105?

High severity. CVSS v3 base score is 7.3 out of 10.

Is CVE-2025-5105 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Tozed Zlt W51

CVE-2025-5105

A vulnerability was found in TOZED ZLT W51 up to 1.4.2 and classified as critical. Affected by this issue is some unknown functionality of the component Service Port 7777. The manipulation leads to improper clearing of heap memory before r…

EPSS: 0.003 (57.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L.

Affected products

Tozed Zlt W51 — versions 1.4.0, 1.4.1, 1.4.2

Weakness classification (CWE)

CWE-244

Public proof-of-concept exploits

References

VDB-310082 | TOZED ZLT W51 Service Port 7777 heap inspection (vdb-entry, mitigation)
VDB-310082 | CTI Indicators (IOB, IOC) (signature, permissions-required)
Submit #568495 | TOZED ZLT W51 Wifi6 Router (Ooredoo) Firmware version 1.4.2 Information Disclosure (third-party-advisory)
github.com/Zephkek/LeakyTozed (related)
github.com/Zephkek/LeakyTozed (exploit)

Frequently asked questions

What is CVE-2025-5105?: CVE-2025-5105 is a high-severity vulnerability in Tozed Zlt W51, classified under CWE-244. CVSS score: 7.3/10. Published 2025-05-23.
How severe is CVE-2025-5105?: High severity. CVSS v3 base score is 7.3 out of 10.
Is CVE-2025-5105 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.