CVE-2025-5850

A vulnerability was found in Tenda AC15 15.03.05.19multi. It has been declared as critical. This vulnerability affects the function formsetschedled of the file /goform/SetLEDCf of the component HTTP POST Request Handler. The manipulation of the argument Time leads to buffer overflow. The attack c...

CVE-2025-5910

A vulnerability has been found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWsc of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can b...

D-Link DIR-632 安全漏洞

The D-Link DIR-632 is a router from China's AUO D-Link. The D-Link DIR-632 suffers from a buffer overflow vulnerability that originates from the failure of the file /biurlgrou in the HTTP POST Request Handler component to properly validate the length and size of the input data, which can be...

PT-2025-25598 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue has been found, affecting an unknown part of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the submit-url argument leads to...

CVE-2025-5848

A vulnerability was found in Tenda AC15 15.03.05.19multi and classified as critical. Affected by this issue is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. The manipulation of the argument list leads to buffer overflow. The attac...

CVE-2025-5847

A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based...

CVE-2025-5792 TOTOLINK EX1200T HTTP POST Request formWlanRedirect buffer overflow

A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232B20210713. This issue affects some unknown processing of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer...

CVE-2025-5739

A vulnerability classified as critical has been found in TOTOLINK X15 1.0.0-B20230714.1105. This affects an unknown part of the file /boafrm/formSaveConfig of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate...

CVE-2025-5735

CVE-2025-5735 concerns TOTOLINK X15 1.0.0-B20230714.1105. The vulnerability lies in the HTTP POST Request Handler for the endpoint /boafrm/formSetLg where manipulating the submit-url argument can cause a buffer overflow. Descriptions indicate remote initiation with public disclosure of the exploi...

TOTOLINK X15 安全漏洞

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the failure of the file /boafrm/formNtp parameter submit-url to correctly validate the length and size of the input data in the...

PT-2025-24386 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 multi Description: A critical issue affects the fromadvsetlanip function of the /goform/AdvSetLanip file in the HTTP POST Request Handler component. The manipulation of the lanMask argument leads to a buffer...

PT-2025-24056 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue has been found in the HTTP POST Request Handler component of the affected software. The manipulation of the submit-url argument leads to a buffer overflow. This can be...

CVE-2023-2058

A vulnerability was found in EyouCms up to 1.6.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /yxcms/index.php?r=admin/extendfield/mesedit=12=4 of the component HTTP POST Request Handler. The manipulation of the argument webico leads...

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formWlanRedirect file in the microprogramming system for routers A702R, A3002R, and A3002RU allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formWlanRedirect file in the microprogramming software for routers A702R, A3002R, and A3002RU is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an...

The vulnerability of the HTTP POST Request Handler component in the microprogramming software for TOTOLINK A3002R and A3002RU allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component in the microprogramming software for TOTOLINK A3002R and A3002RU devices is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the...

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formDosCfg file in the microprogramming software for routers A702R, A3002R, and A3002RU allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component in the /boafrm/formDosCfg file of the microprogramming software for routers A702R, A3002R, and A3002RU is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attack...

CVE-2025-5000

CVE-2025-5000 impacts Linksys FGW3000-AH/HK (versions up to 1.0.17.000000). The vulnerability resides in the HTTP POST Request Handler, specifically the /cgi-bin/sysconf.cgi component, in the function control_panel_sw . Manipulating the filename argument in the POST request leads to command injec...

PT-2025-21590 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R and A3002RU version 3.0.0-B20230809.1615 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of TOTOLINK A3002R and A3002RU. This issue affects some unknown processing of the file...

PT-2025-21587 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R and A3002RU version 3.0.0-B20230809.1615 Description: A critical issue affects an unknown functionality of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 lea...

CVE-2025-2732

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/wizard/getWifiNeighbour of the component HTTP POST Request Handler. The...