TOTOLINK X15 安全漏洞

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the failure of the file /boafrm/formNtp parameter submit-url to correctly validate the length and size of the input data in the...

PT-2025-24383 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 multi Description: A critical vulnerability was found in the Tenda AC15 router, specifically affecting the formSetPPTPUserList function of the /goform/setPptpUserList file in the HTTP POST Request Handler...

PT-2025-24320 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200T version 4.1.2cu.5232 B20210713 Description: A critical issue was found in the HTTP POST Request Handler component, specifically in the file /boafrm/formPortFw. The manipulation of the service type argument leads to a buffer...

PT-2025-24314 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue affects some unknown functionality of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation of the submit-url argument leads ...

PT-2025-24317 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue has been discovered, affecting the HTTP POST Request Handler component, specifically the /boafrm/formPortFw file. The manipulation of the service type argument leads to a...

PT-2025-24603 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200T versions 4.1.2cu.5232 B20210713 and earlier Description: A critical issue was found in the HTTP POST Request Handler component, affecting an unknown function of the file /boafrm/formReflashClientTbl. The manipulation leads to...

PT-2025-24313 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue was found in the HTTP POST Request Handler component, specifically in the file /boafrm/formWsc. The manipulation of the submit-url argument leads to a buffer overflow. Th...

PT-2025-24319 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200T version 4.1.2cu.5232 B20210713 Description: A critical issue has been found in the HTTP POST Request Handler component, affecting the processing of the file /boafrm/formWlanRedirect. The manipulation of the redirect-url...

PT-2025-24386 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 multi Description: A critical issue affects the fromadvsetlanip function of the /goform/AdvSetLanip file in the HTTP POST Request Handler component. The manipulation of the lanMask argument leads to a buffer...

PT-2025-24385 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 multi Description: A critical vulnerability was found in the Tenda AC15 router, affecting the formsetschedled function of the file /goform/SetLEDCf in the HTTP POST Request Handler component. The manipulation of...

PT-2025-24312 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue has been identified, affecting an unknown function of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation of the submit-url argument lea...

PT-2025-24318 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical vulnerability was found in the HTTP POST Request Handler component, specifically affecting the file /boafrm/formIpQoS. The manipulation of the mac argument leads to a buffer...

PT-2025-24384 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 multi Description: A critical issue affects the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg in the HTTP POST Request Handler component. The manipulation of the remoteIp argument leads to a...

CVE-2025-5672

A vulnerability has been found in TOTOLINK N302R Plus up to 3.4.0-B20201028 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument url leads to buffer...

CVE-2025-5671

A vulnerability, which was classified as critical, was found in TOTOLINK N302R Plus up to 3.4.0-B20201028. Affected is an unknown function of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype leads to buffer overflow. It is possib...

CVE-2025-5671

A vulnerability, which was classified as critical, was found in TOTOLINK N302R Plus up to 3.4.0-B20201028. Affected is an unknown function of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype leads to buffer overflow. It is possib...

CVE-2025-5672

The CVE-2025-5672 entry concerns TOTOLINK N302R Plus (versions up to 3.4.0-B20201028). The vulnerability exists in the HTTP POST Request Handler’s file /boafrm/formFilter, where manipulation of the url argument causes a buffer overflow. It can be triggered remotely, with public disclosure of the ...

CVE-2025-5672 TOTOLINK N302R Plus HTTP POST Request formFilter buffer overflow

A vulnerability has been found in TOTOLINK N302R Plus up to 3.4.0-B20201028 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument url leads to buffer...

CVE-2025-5672 TOTOLINK N302R Plus HTTP POST Request formFilter buffer overflow

A vulnerability has been found in TOTOLINK N302R Plus up to 3.4.0-B20201028 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument url leads to buffer...

CVE-2025-5671

TOTOLINK N302R Plus firmware ≤ 3.4.0-B20201028 has a buffer overflow in the HTTP POST Request Handler function /boafrm/formPortFw caused by manipulation of the service_type argument. The issue enables remote code execution, with exploits disclosed publicly. Multiple sources corroborate a critical...