CVE-2025-5301

ONLYOFFICE Docs DocumentServer in versions equal and below 8.3.1 are affected by a reflected cross-site scripting XSS issue when opening files via the WOPI protocol. Attackers could inject malicious scripts via crafted HTTP POST requests, which are then reflected in the server's HTML response...

TOTOLINK EX1200T Buffer Overflow Vulnerability (CNVD-2025-12751)

The TOTOLINK EX1200T is a wireless router from TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK EX1200T version 4.1.2cu.5232B20210713, which affects the HTTP POST request processing component of file/boafrm/formFilter with unknown code. A remote attacker could exploit this...

Tenda A15 HTTP POST Request Buffer Overflow Vulnerability

The Tenda A15 is a dual-band gigabit wireless router. A buffer overflow vulnerability exists in the Tenda A15. The vulnerability stems from improper handling of the /goform/multimodalAdd file by the HTTP POST request processor component and can be exploited by an attacker to remotely execute...

D-Link DIR-632 Stack Buffer Overflow Vulnerability

D-Link DIR-632 is a wireless router for small business and SOHO users, supporting IEEE 802.11n and IEEE 802.11g wireless standards, with a maximum theoretical transfer rate of 300Mbps and equipped with eight 10/100Mbps LAN ports. A stack buffer overflow vulnerability exists in the D-Link DIR-632...

CVE-2025-5301

ONLYOFFICE Docs DocumentServer in versions equal and below 8.3.1 are affected by a reflected cross-site scripting XSS issue when opening files via the WOPI protocol. Attackers could inject malicious scripts via crafted HTTP POST requests, which are then reflected in the server's HTML response...

CVE-2025-5912

A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function dofile of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been...

CVE-2025-5909

A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713. Affected is an unknown function of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to launch th...

CVE-2025-5907

A vulnerability classified as critical was found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The...

CVE-2025-5908

A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be...

CVE-2025-5851

A vulnerability was found in Tenda AC15 15.03.05.19multi. It has been rated as critical. This issue affects the function fromadvsetlanip of the file /goform/AdvSetLanip of the component HTTP POST Request Handler. The manipulation of the argument lanMask leads to buffer overflow. The attack may be...

CVE-2025-5849

A vulnerability was found in Tenda AC15 15.03.05.19multi. It has been classified as critical. This affects the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based buffer...

CVE-2025-5850

A vulnerability was found in Tenda AC15 15.03.05.19multi. It has been declared as critical. This vulnerability affects the function formsetschedled of the file /goform/SetLEDCf of the component HTTP POST Request Handler. The manipulation of the argument Time leads to buffer overflow. The attack c...

CVE-2025-5848

A vulnerability was found in Tenda AC15 15.03.05.19multi and classified as critical. Affected by this issue is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. The manipulation of the argument list leads to buffer overflow. The attac...

CVE-2025-5969

A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN00425fd8 of the file /biurlgrou of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be launched...

CVE-2025-5969

The CVE-2025-5969 entry concerns D-Link DIR-632 FW103B08. Affected is the HTTP POST Request Handler, specifically the FUN_00425fd8 function in file /biurl_grou, where input length validation leads to a stack-based buffer overflow. The vulnerability can be exploited remotely and, per sources, affe...

CVE-2025-5969 D-Link DIR-632 HTTP POST Request biurl_grou FUN_00425fd8 stack-based overflow

A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN00425fd8 of the file /biurlgrou of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be launched...

CVE-2025-5847

A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based...

CVE-2025-5912

A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function dofile of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been...

CVE-2025-5911

A vulnerability was found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be launched...

CVE-2025-5910

A vulnerability has been found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWsc of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can b...