590 matches found
CVE-2025-5786 TOTOLINK X15 HTTP POST Request formDMZ buffer overflow
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. Affected is an unknown function of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launc...
CVE-2025-5786
CVE-2025-5786 affects TOTOLINK X15 firmware 1.0.0-B20230714.1105. The vulnerability is a buffer overflow in the /boafrm/formDMZ HTTP POST Request Handler triggered by manipulating the submit-url parameter, enabling remote access. Public exploit details exist and, per CNVD/CNNVD, may lead to arbit...
CVE-2025-5738
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The...
CVE-2025-5737
CVE-2025-5737 affects TOTOLINK X15 v1.0.0-B20230714.1105. The vulnerability lies in the HTTP POST Request Handler’s /boafrm/formDosCfg endpoint, where manipulating the submit-url argument can trigger a buffer overflow. Exploitation is possible remotely and has been publicly disclosed, with high i...
CVE-2025-5734
A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. The atta...
CVE-2025-5735
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be...
CVE-2025-5734 TOTOLINK X15 HTTP POST Request formWlanRedirect buffer overflow
A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. The atta...
CVE-2025-5734
TOTOLINK X15 v1.0.0-B20230714.1105 is affected by a buffer overflow in the HTTP POST Request Handler, specifically in /boafrm/formWlanRedirect where input in the redirect-url argument can be manipulated to overflow a buffer. Exploitation can be remote and public exploit details exist. The reporte...
PT-2025-24383 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 multi Description: A critical vulnerability was found in the Tenda AC15 router, specifically affecting the formSetPPTPUserList function of the /goform/setPptpUserList file in the HTTP POST Request Handler...
PT-2025-24317 · Totolink · Totolink X15
Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue has been discovered, affecting the HTTP POST Request Handler component, specifically the /boafrm/formPortFw file. The manipulation of the service type argument leads to a...
PT-2025-24603 · Totolink · Totolink Ex1200T
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200T versions 4.1.2cu.5232 B20210713 and earlier Description: A critical issue was found in the HTTP POST Request Handler component, affecting an unknown function of the file /boafrm/formReflashClientTbl. The manipulation leads to...
PT-2025-24313 · Totolink · Totolink X15
Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue was found in the HTTP POST Request Handler component, specifically in the file /boafrm/formWsc. The manipulation of the submit-url argument leads to a buffer overflow. Th...
PT-2025-24385 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 multi Description: A critical vulnerability was found in the Tenda AC15 router, affecting the formsetschedled function of the file /goform/SetLEDCf in the HTTP POST Request Handler component. The manipulation of...
PT-2025-24312 · Totolink · Totolink X15
Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue has been identified, affecting an unknown function of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation of the submit-url argument lea...
CVE-2025-5672
A vulnerability has been found in TOTOLINK N302R Plus up to 3.4.0-B20201028 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument url leads to buffer...
CVE-2025-5671
A vulnerability, which was classified as critical, was found in TOTOLINK N302R Plus up to 3.4.0-B20201028. Affected is an unknown function of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype leads to buffer overflow. It is possib...
PT-2025-24061 · Totolink · Totolink X15
Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue affects some unknown functionality of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation of the submit-url argument leads to buffer...
PT-2025-24051 · Totolink · Totolink X15
Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of TOTOLINK X15, affecting the file /boafrm/formWlanRedirect. The manipulation of the redirect-url...
PT-2025-23946 · Totolink · Totolink N302R Plus
Name of the Vulnerable Software and Affected Versions: TOTOLINK N302R Plus versions up to 3.4.0-B20201028 Description: A critical vulnerability was found in the HTTP POST Request Handler component of TOTOLINK N302R Plus. The issue affects an unknown function of the file /boafrm/formPortFw. The...
PT-2025-23947 · Totolink · Totolink N302R Plus
Name of the Vulnerable Software and Affected Versions: TOTOLINK N302R Plus versions up to 3.4.0-B20201028 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically in the unknown functionality of the file /boafrm/formFilter. The manipulation of the url...