CVE-2025-8139 TOTOLINK A702R HTTP POST Request formPortFw buffer overflow

A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been classified as critical. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype leads to buffer overflow. It is possible to...

CVE-2025-8139

TOTOLINK A702R (firmware 4.0.0-B20230721.1521) contains a vulnerable HTTP POST Request Handler in /boafrm/formPortFw where manipulation of the service_type argument triggers a buffer overflow. This allows remote exploitation; exploits have been publicly disclosed. Several sources corroborate the ...

CVE-2025-8137

A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The...

CVE-2025-8138

A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formOneKeyAccessButton of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

CVE-2025-8138

TOTOLINK A702R 4.0.0-B20230721.1521 is affected by a buffer overflow in the HTTP POST Request Handler’s /boafrm/formOneKeyAccessButton when manipulating the submit-url argument. The issue can be triggered remotely (network), with potential for arbitrary code execution and denial of service as des...

CVE-2025-8138 TOTOLINK A702R HTTP POST Request formOneKeyAccessButton buffer overflow

A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formOneKeyAccessButton of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

CVE-2025-8138 TOTOLINK A702R HTTP POST Request formOneKeyAccessButton buffer overflow

A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formOneKeyAccessButton of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

CVE-2025-8137

Summary: CVE-2025-8137 affects TOTOLINK A702R (v4.0.0-B20230721.1521). The HTTP POST handler under /boafrm/formIpQoS is vulnerable due to improper handling of the mac parameter, causing a buffer overflow. This enables remote exploitation and has been publicly disclosed. The vulnerability’s impact...

CVE-2025-8137 TOTOLINK A702R HTTP POST Request formIpQoS buffer overflow

A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The...

CVE-2025-8136

A vulnerability, which was classified as critical, was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected is an unknown function of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr leads to buffer overflow. It is possible to laun...

CVE-2025-8136

A vulnerability, which was classified as critical, was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected is an unknown function of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr leads to buffer overflow. It is possible to laun...

CVE-2025-8136 TOTOLINK A702R HTTP POST Request formFilter buffer overflow

A vulnerability, which was classified as critical, was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected is an unknown function of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr leads to buffer overflow. It is possible to laun...

CVE-2025-8136 TOTOLINK A702R HTTP POST Request formFilter buffer overflow

A vulnerability, which was classified as critical, was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected is an unknown function of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr leads to buffer overflow. It is possible to laun...

CVE-2025-8136

TOTOLINK A702R 4.0.0-B20230721.1521 contains a buffer overflow in the HTTP POST Request Handler, triggered by the ip6addr parameter in the /boafrm/formFilter endpoint. This allows remote exploitation and has publicly disclosed exploits. Connected documents consistently describe the affected compo...

PT-2025-31023 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical vulnerability exists in the HTTP POST Request Handler component of TOTOLINK X15. The vulnerability is located in the unknown code of the /boafrm/formFilter file and results in ...

PT-2025-31027 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical vulnerability exists in the TOTOLINK X15 device. The issue is a buffer overflow within an unknown function of the HTTP POST Request Handler component, specifically in the file...

Code-Projects Church Donation System 安全漏洞

Code-Projects Church Donation System is an open source church donation system from Code-Projects. A security vulnerability exists in Code-Projects Church Donation System version 1.0, which stems from an incorrect manipulation of the parameter Username in the file /admin/index.php in the HTTP POST...

TOTOLINK A702R 安全漏洞

The TOTOLINK A702R is a wireless router from TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK A702R version 4.0.0B20230721.1521, which stems from improper handling of the submit-url parameter in the /boafrm/formWlanMultipleAP file in the HTTP POST request handling component. An attack...

PT-2025-30929 · Unknown · Church Donation System

Name of the Vulnerable Software and Affected Versions: code-projects Church Donation System version 1.0 Description: A critical vulnerability exists in code-projects Church Donation System 1.0. The issue is a SQL injection affecting an unknown function within the /admin/index.php file of the HTTP...

PT-2025-31028 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical vulnerability exists in the TOTOLINK X15 router's built-in boa server. The issue is a buffer overflow within the memory during the processing of the submit-url parameter. This...