szlbt CVE Vulnerabilities & Metrics

Focus on szlbt vulnerabilities and metrics.

Last updated: 21 Aug 2025, 22:25 UTC

About szlbt Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with szlbt. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total szlbt CVEs: 13
Earliest CVE date: 30 Nov 2023, 23:15 UTC
Latest CVE date: 22 Jul 2025, 16:15 UTC

Latest CVE reference: CVE-2025-8019

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 3

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): -100.0%
Year Variation (Calendar): -70.0%

Month Growth Rate (30-day Rolling): -100.0%
Year Growth Rate (365-day Rolling): -70.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical szlbt CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 1.38

Max CVSS: 9.0

Critical CVEs (≥9): 2

CVSS Range vs. Count

Range	Count
0.0-3.9	11
4.0-6.9	0
7.0-8.9	0
9.0-10.0	2

CVSS Distribution Chart

Top 5 Highest CVSS szlbt CVEs

These are the five CVEs with the highest CVSS scores for szlbt, sorted by severity first and recency.

CVE-2025-8019 szlbt Published on 22 Jul 2025, 16:15 UTC (CVSS: 9.0)
A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6. It has been rated as critical. Affected by this issue is the function sub_40B6F0 of the file at/appy.cgi. The manipulation of the argument wan_proto leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-7077 szlbt Published on 06 Jul 2025, 07:15 UTC (CVSS: 9.0)
A vulnerability classified as critical has been found in Shenzhen Libituo Technology LBT-T300-T310 up to 2.2.3.6. This affects the function config_3g_para of the file /appy.cgi. The manipulation of the argument username_3g/password_3g leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be ...
CVE-2025-29570 szlbt Published on 03 Apr 2025, 20:15 UTC (CVSS: 0)
An issue in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 allows a local attacker to escalate privileges via the function tftp_image_check of a binary named rc.
CVE-2024-40536 szlbt Published on 16 Jul 2024, 21:15 UTC (CVSS: 0)
Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 were discovered to contain a stack overflow via the pin_3g_code parameter in the config_3g_para function.
CVE-2024-40535 szlbt Published on 16 Jul 2024, 21:15 UTC (CVSS: 0)
Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 was discovered to contain a stack overflow via the apn_name_3g parameter in the config_3g_para function.

All CVEs for szlbt

CVE-2025-8019 szlbt vulnerability CVSS: 9.0 22 Jul 2025, 16:15 UTC

A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6. It has been rated as critical. Affected by this issue is the function sub_40B6F0 of the file at/appy.cgi. The manipulation of the argument wan_proto leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-7077 szlbt vulnerability CVSS: 9.0 06 Jul 2025, 07:15 UTC

A vulnerability classified as critical has been found in Shenzhen Libituo Technology LBT-T300-T310 up to 2.2.3.6. This affects the function config_3g_para of the file /appy.cgi. The manipulation of the argument username_3g/password_3g leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-29570 szlbt vulnerability CVSS: 0 03 Apr 2025, 20:15 UTC

An issue in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 allows a local attacker to escalate privileges via the function tftp_image_check of a binary named rc.

CVE-2024-40536 szlbt vulnerability CVSS: 0 16 Jul 2024, 21:15 UTC

Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 were discovered to contain a stack overflow via the pin_3g_code parameter in the config_3g_para function.

CVE-2024-40535 szlbt vulnerability CVSS: 0 16 Jul 2024, 21:15 UTC

Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 was discovered to contain a stack overflow via the apn_name_3g parameter in the config_3g_para function.

CVE-2024-39181 szlbt vulnerability CVSS: 0 09 Jul 2024, 21:15 UTC

Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 was discovered to contain a buffer overflow via the ApCliSsid parameter in thegenerate_conf_router() function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

CVE-2024-32324 szlbt vulnerability CVSS: 0 25 Apr 2024, 20:15 UTC

Buffer Overflow vulnerability in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v.3.2 allows a local attacker to execute arbitrary code via the vpn_client_ip variable of the config_vpn_pptp function in rc program.

CVE-2024-29244 szlbt vulnerability CVSS: 0 21 Mar 2024, 15:16 UTC

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the pin_code_3g parameter at /apply.cgi.

CVE-2024-29243 szlbt vulnerability CVSS: 0 21 Mar 2024, 15:16 UTC

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpn_client_ip parameter at /apply.cgi.

CVE-2024-28447 szlbt vulnerability CVSS: 0 19 Mar 2024, 06:15 UTC

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lan_ipaddr parameters at /apply.cgi.

CVE-2024-28446 szlbt vulnerability CVSS: 0 19 Mar 2024, 06:15 UTC

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lan_netmask parameter at /apply.cgi.

CVE-2023-50469 szlbt vulnerability CVSS: 0 15 Dec 2023, 21:15 UTC

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at /apply.cgi.

CVE-2023-47307 szlbt vulnerability CVSS: 0 30 Nov 2023, 23:15 UTC

Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 allows attackers to cause a denial of service via the ApCliAuthMode parameter.