CVE-2025-5909

A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713. Affected is an unknown function of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to launch th...

CVE-2025-5907 TOTOLINK EX1200T HTTP POST Request formFilter buffer overflow

A vulnerability classified as critical was found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The...

CVE-2025-5904

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the function setWiFiMeshName of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument devicename leads to buffer overflow. Th...

CVE-2025-5905

CVE-2025-5905 affects TOTOLINK T10 v4.1.8cu.5207. The vulnerability is in the POST Request Handler, specifically the function setWiFiRepeaterCfg in the file /cgi-bin/cstecgi.cgi where manipulation of the Password parameter leads to a buffer overflow. The issue can be exploited remotely and the ex...

TOTOLINK EX1200T 安全漏洞

The TOTOLINK EX1200T is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK EX1200T suffers from a buffer overflow vulnerability that originates in the file /boafrm/formReflashClientTbl in the HTTP POST Request Handler component, which can be exploited by an attacker to execute...

PT-2025-24683 · Octoprint · Octoprint

Name of the Vulnerable Software and Affected Versions: OctoPrint versions up to and including 1.11.1 Description: The issue allows any unauthenticated attacker to send a manipulated broken multipart/form-data request to OctoPrint, making the web server component become unresponsive. This can be...

PT-2025-24721 · D Link · D-Link Dir-632

Name of the Vulnerable Software and Affected Versions: D-Link DIR-632 version FW103B08 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically affecting the FUN 00425fd8 function of the file /biurl grou. This issue leads to a stack-based buffer overfl...

PT-2025-25624 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical vulnerability was found in the HTTP POST Request Handler of TOTOLINK X15. The issue affects unknown code of the file /boafrm/formTmultiAP. The manipulation of the submit-url...

PT-2025-26256 · D Link · D-Link Dir-825

Name of the Vulnerable Software and Affected Versions: D-Link DIR-825 version 2.03 Description: A critical vulnerability has been found, affecting the sub 4091AC function of the HTTP POST Request Handler component. This issue leads to a stack-based buffer overflow and can be initiated remotely. T...

D-Link DIR-632 安全漏洞

D-Link DIR-632 is a wireless router for small business and SOHO users, supporting IEEE 802.11n and IEEE 802.11g wireless standards, with a maximum theoretical transfer rate of 300Mbps and equipped with eight 10/100Mbps LAN ports. A stack buffer overflow vulnerability exists in the D-Link DIR-632...

CVE-2025-5903

TOTOLINK T10 4.1.8cu.5207 is affected by a buffer overflow in the function setWiFiAclRules of /cgi-bin/cstecgi.cgi (POST Request Handler). The vulnerability arises from manipulation of the argument desc, enabling a remote attack. Multiple sources (NVD, Red Hat, CNVD, CVE listings, and other natio...

CVE-2025-5902

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This issue affects the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument slaveIpList leads to buffer overflow. The attack may be initiate...

CVE-2025-5901

A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument File leads to buffer overflow. The attack can...

CVE-2025-5902

The CVE-2025-5902 entry concerns TOTOLINK T10 firmware version 4.1.8cu.5207. The vulnerability lies in the POST Request Handler’s setUpgradeFW function, specifically in processing the slaveIpList parameter in /cgi-bin/cstecgi.cgi, where a buffer overflow can be triggered. Publicly disclosed explo...

CVE-2025-5901 TOTOLINK T10 POST Request cstecgi.cgi UploadCustomModule buffer overflow

A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument File leads to buffer overflow. The attack can...

CVE-2025-5901 TOTOLINK T10 POST Request cstecgi.cgi UploadCustomModule buffer overflow

A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument File leads to buffer overflow. The attack can...

CVE-2025-5839

A vulnerability, which was classified as critical, has been found in Tenda AC9 15.03.02.13. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Handler. The manipulation of the argument lanMask leads to buffer overflow. The attack m...

CVE-2025-5851

A vulnerability was found in Tenda AC15 15.03.05.19multi. It has been rated as critical. This issue affects the function fromadvsetlanip of the file /goform/AdvSetLanip of the component HTTP POST Request Handler. The manipulation of the argument lanMask leads to buffer overflow. The attack may be...

PT-2025-25599 · Totolink · Totolink A702R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A702R version 4.0.0-B20230721.1521 Description: A critical vulnerability was found in the TOTOLINK A702R, affecting unknown code of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the...

The vulnerability of the Request Handler component of the Java Apache Wicket framework, which is used for creating web applications, allows a attacker to cause a service failure.

The vulnerability of the Request Handler component in the Java Apache Wicket framework for creating web applications is related to memory leak errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...