PT-2025-27503 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002RU version 3.0.0-B20230809.1615 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of the TOTOLINK A3002RU router. The issue affects an unknown function of the file...

PT-2025-27504 · Totolink · Totolink A702R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A702R version 4.0.0-B20230721.1521 Description: A critical vulnerability affects an unknown functionality of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the submit-url argument...

D-Link DIR-825 do_file function buffer overflow vulnerability

The D-Link DIR-825 is a router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-825 version 2.03, which originates from the function dofile in the HTTP POST Request Handler component that fails to correctly validate the length and size of the input data, and can b...

CVE-2025-6568

A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2cu.5232B20210713. Affected is an unknown function of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to...

CVE-2025-6565

A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function httpd of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

CVE-2025-6627

A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack...

CVE-2025-6568

A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2cu.5232B20210713. Affected is an unknown function of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to...

CVE-2025-6568

A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2cu.5232B20210713. Affected is an unknown function of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to...

TOTOLINK A3002R /boafrm/formMultiAP file buffer overflow vulnerability

The TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3002R version 4.0.0-B20230531.1404 suffers from a buffer overflow vulnerability that originates from a failure of the parameter submit-url in the file /boafrm/formMultiAP in the HTTP POST Request Handle...

PT-2025-26734 · NetGear · Netgear Wnce3001

Name of the Vulnerable Software and Affected Versions: Netgear WNCE3001 version 1.0.0.50 Description: A critical vulnerability has been found, affecting the http d function of the HTTP POST Request Handler component. The manipulation of the Host argument leads to a stack-based buffer overflow. Th...

CVE-2025-6336

A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possibl...

CVE-2025-6399

A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to...

CVE-2025-6393

A vulnerability was found in TOTOLINK A702R, A3002R, A3002RU and EX1200T 3.0.0-B20230809.1615/4.0.0-B20230531.1404/4.0.0-B20230721.1521/4.1.2cu.5232B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request...

CVE-2025-6401

A vulnerability was found in TOTOLINK N300RH 6.1c.1390B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message Handler. The manipulation of the argument url leads to denial of service. The exploit has been...

CVE-2025-6399

A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to...

CVE-2025-6336

A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possibl...

CVE-2025-6336

A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possibl...

CVE-2025-6337

A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615/4.0.0-B20230531.1404. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the...

CVE-2025-6292

CVE-2025-6292 affects D-Link DIR-825, specifically version 2.03. The issue stems from the HTTP POST Request Handler’s sub_4091AC function, which can be triggered remotely to cause a stack-based buffer overflow. Public exploitation is indicated, and the vulnerability targets devices no longer supp...

PT-2025-26307 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R and A3002RU versions 3.0.0-B20230809.1615 through 4.0.0-B20230531.1404 Description: A critical vulnerability has been found in the HTTP POST Request Handler of the affected devices. The issue is related to the manipulation of...