Aggregates CVE and security vulnerability intelligence across all szlbt-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk buffer overflow and vendor risk denial of service, with potential vendor impact application crash and vendor impact memory corruption across vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-8019 | A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6. It has been rated as critical. Affected by this issue is the function sub_40B6F0 of the file at/appy.cgi. The manipulation of the argument wan_proto leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 7.4 | 1.49% | 2025-07-22 | 2025-08-20 |
| CVE-2025-7077 | A vulnerability classified as critical has been found in Shenzhen Libituo Technology LBT-T300-T310 up to 2.2.3.6. This affects the function config_3g_para of the file /appy.cgi. The manipulation of the argument username_3g/password_3g leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way. | [email protected] | 7.4 | 1.21% | 2025-07-06 | 2025-08-20 |
| CVE-2025-29570 | An issue in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 allows a local attacker to escalate privileges via the function tftp_image_check of a binary named rc. | [email protected] | 7.8 | 0.16% | 2025-04-03 | 2025-08-20 |
| CVE-2024-40536 | Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 were discovered to contain a stack overflow via the pin_3g_code parameter in the config_3g_para function. | [email protected] | 5.3 | 0.15% | 2024-07-16 | 2025-08-20 |
| CVE-2024-40535 | Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 was discovered to contain a stack overflow via the apn_name_3g parameter in the config_3g_para function. | [email protected] | 9.8 | 0.45% | 2024-07-16 | 2025-08-20 |
| CVE-2024-39181 | Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 was discovered to contain a buffer overflow via the ApCliSsid parameter in thegenerate_conf_router() function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | [email protected] | 6.5 | 0.23% | 2024-07-09 | 2025-08-20 |
| CVE-2024-32324 | Buffer Overflow vulnerability in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v.3.2 allows a local attacker to execute arbitrary code via the vpn_client_ip variable of the config_vpn_pptp function in rc program. | [email protected] | 7.8 | 0.05% | 2024-04-25 | 2025-08-20 |
| CVE-2024-29244 | Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the pin_code_3g parameter at /apply.cgi. | [email protected] | 5.3 | 0.12% | 2024-03-21 | 2025-06-17 |
| CVE-2024-29243 | Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpn_client_ip parameter at /apply.cgi. | [email protected] | 9.8 | 0.26% | 2024-03-21 | 2025-06-17 |
| CVE-2024-28447 | Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lan_ipaddr parameters at /apply.cgi. | [email protected] | 6.5 | 0.04% | 2024-03-19 | 2025-08-21 |
| CVE-2024-28446 | Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lan_netmask parameter at /apply.cgi. | [email protected] | 5.7 | 0.04% | 2024-03-19 | 2025-08-20 |
| CVE-2023-50469 | Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at /apply.cgi. | [email protected] | 9.8 | 10.11% | 2023-12-15 | 2024-11-21 |
| CVE-2023-47307 | Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 allows attackers to cause a denial of service via the ApCliAuthMode parameter. | [email protected] | 7.5 | 0.20% | 2023-11-30 | 2024-11-21 |