CVE-2025-6824

CVE-2025-6824 affects TOTOLINK X15 (up to version 1.0.0-B20230714.1105). The issue is in the HTTP POST Request Handler, specifically the /boafrm/formParentControl component, where manipulation of the submit-url argument can trigger a buffer overflow. The vulnerability is exploitable remotely, and...

PT-2025-27326 · Totolink · Totolink A702R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A702R versions up to 4.0.0-B20230721.1521 Description: A critical vulnerability was found in the HTTP POST Request Handler component of TOTOLINK A702R, affecting an unknown functionality of the file /boafrm/formWlSiteSurvey. The...

PT-2025-27503 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002RU version 3.0.0-B20230809.1615 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of the TOTOLINK A3002RU router. The issue affects an unknown function of the file...

PT-2025-27325 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 versions up to 1.0.0-B20230714.1105 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of TOTOLINK X15. The issue affects an unknown function of the file /boafrm/formParentControl. The...

PT-2025-27529 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002RU version 3.0.0-B20230809.1615 Description: A critical vulnerability was found in the HTTP POST Request Handler component of the TOTOLINK A3002RU. The issue affects an unknown function of the file /boafrm/formParentControl. The...

PT-2025-27504 · Totolink · Totolink A702R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A702R version 4.0.0-B20230721.1521 Description: A critical vulnerability affects an unknown functionality of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the submit-url argument...

CVE-2025-6627

A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack...

CVE-2025-6751

A vulnerability, which was classified as critical, was found in Linksys E8450 up to 1.2.00.360516. This affects the function setdevicelanguage of the file portal.cgi of the component HTTP POST Request Handler. The manipulation of the argument dutlanguage leads to buffer overflow. It is possible t...

CVE-2025-6751

Affected software: Linksys E8450 (up to version 1.2.00.360516). Vulnerability: in the portal.cgi file, within the HTTP POST Request Handler, the function set_device_language mishandles the dut_language parameter, causing a buffer overflow. This can be exploited remotely and has been publicly disc...

CVE-2025-6751 Linksys E8450 HTTP POST Request portal.cgi set_device_language buffer overflow

A vulnerability, which was classified as critical, was found in Linksys E8450 up to 1.2.00.360516. This affects the function setdevicelanguage of the file portal.cgi of the component HTTP POST Request Handler. The manipulation of the argument dutlanguage leads to buffer overflow. It is possible t...

CVE-2025-6751 Linksys E8450 HTTP POST Request portal.cgi set_device_language buffer overflow

A vulnerability, which was classified as critical, was found in Linksys E8450 up to 1.2.00.360516. This affects the function setdevicelanguage of the file portal.cgi of the component HTTP POST Request Handler. The manipulation of the argument dutlanguage leads to buffer overflow. It is possible t...

D-Link DIR-632 Buffer Overflow Vulnerability

The D-Link DIR-632 is a router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-632 FW103B08 version, which originates from the failure of the parameter Content-Length of the function getpurecontent in the component HTTP POST Request Handler to correctly validate...

D-Link DIR-825 do_file function buffer overflow vulnerability

The D-Link DIR-825 is a router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-825 version 2.03, which originates from the function dofile in the HTTP POST Request Handler component that fails to correctly validate the length and size of the input data, and can b...

TOTOLINK EX1200T Buffer Overflow Vulnerability

The TOTOLINK EX1200T is a dual-band wireless signal amplifier that is primarily used to extend the coverage of an existing wireless network. The TOTOLINK EX1200T suffers from a buffer overflow vulnerability that stems from the HTTP POST request handler mishandling the parameter submit-url. No...

CVE-2025-6568

A vulnerability classified as critical has been found in TOTOLINK EX1200T 4.1.2cu.5232B20210713. Affected is an unknown function of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to...

CVE-2025-6565

A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function httpd of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

CVE-2025-6627

A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack...

CVE-2025-6627

CVE-2025-6627 affects TOTOLINK A702R (version 4.0.0-B20230721.1521). The vulnerability is a buffer overflow in the HTTP POST Handler’s /boafrm/formIpv6Setup caused by manipulating the submit-url parameter. It can be triggered remotely, and a publicly disclosed exploit exists per PT-security repor...

CVE-2025-6627 TOTOLINK A702R HTTP POST Request formIpv6Setup buffer overflow

A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack...

CVE-2025-6627 TOTOLINK A702R HTTP POST Request formIpv6Setup buffer overflow

A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack...