PT-2025-24721 · D Link · D-Link Dir-632

Name of the Vulnerable Software and Affected Versions: D-Link DIR-632 version FW103B08 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically affecting the FUN 00425fd8 function of the file /biurl grou. This issue leads to a stack-based buffer overfl...

D-Link DIR-632 安全漏洞

D-Link DIR-632 is a wireless router for small business and SOHO users, supporting IEEE 802.11n and IEEE 802.11g wireless standards, with a maximum theoretical transfer rate of 300Mbps and equipped with eight 10/100Mbps LAN ports. A stack buffer overflow vulnerability exists in the D-Link DIR-632...

PT-2025-26256 · D Link · D-Link Dir-825

Name of the Vulnerable Software and Affected Versions: D-Link DIR-825 version 2.03 Description: A critical vulnerability has been found, affecting the sub 4091AC function of the HTTP POST Request Handler component. This issue leads to a stack-based buffer overflow and can be initiated remotely. T...

CVE-2025-5903

TOTOLINK T10 4.1.8cu.5207 is affected by a buffer overflow in the function setWiFiAclRules of /cgi-bin/cstecgi.cgi (POST Request Handler). The vulnerability arises from manipulation of the argument desc, enabling a remote attack. Multiple sources (NVD, Red Hat, CNVD, CVE listings, and other natio...

CVE-2025-5902

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This issue affects the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument slaveIpList leads to buffer overflow. The attack may be initiate...

CVE-2025-5901

A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument File leads to buffer overflow. The attack can...

CVE-2025-5902

The CVE-2025-5902 entry concerns TOTOLINK T10 firmware version 4.1.8cu.5207. The vulnerability lies in the POST Request Handler’s setUpgradeFW function, specifically in processing the slaveIpList parameter in /cgi-bin/cstecgi.cgi, where a buffer overflow can be triggered. Publicly disclosed explo...

CVE-2025-5901 TOTOLINK T10 POST Request cstecgi.cgi UploadCustomModule buffer overflow

A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument File leads to buffer overflow. The attack can...

CVE-2025-5901 TOTOLINK T10 POST Request cstecgi.cgi UploadCustomModule buffer overflow

A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument File leads to buffer overflow. The attack can...

CVE-2025-5839

A vulnerability, which was classified as critical, has been found in Tenda AC9 15.03.02.13. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Handler. The manipulation of the argument lanMask leads to buffer overflow. The attack m...

CVE-2025-5851

A vulnerability was found in Tenda AC15 15.03.05.19multi. It has been rated as critical. This issue affects the function fromadvsetlanip of the file /goform/AdvSetLanip of the component HTTP POST Request Handler. The manipulation of the argument lanMask leads to buffer overflow. The attack may be...

PT-2025-25586 · Totolink · Totolink T10

Name of the Vulnerable Software and Affected Versions: TOTOLINK T10 version 4.1.8cu.5207 Description: A critical vulnerability has been found in the setWiFiScheduleCfg function of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the desc argument leads...

PT-2025-25599 · Totolink · Totolink A702R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A702R version 4.0.0-B20230721.1521 Description: A critical vulnerability was found in the TOTOLINK A702R, affecting unknown code of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the...

PT-2025-25597 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200T version 4.1.2cu.5232 B20210713 Description: A critical vulnerability was found in the TOTOLINK EX1200T, affecting some unknown functionality of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The...

PT-2025-25602 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R version 4.0.0-B20230531.1404 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of the affected software. The issue is related to the manipulation of the submit-url argument, which...

PT-2025-25603 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical vulnerability was found in the HTTP POST Request Handler component of the affected software. The issue is related to an unknown functionality of the file /boafrm/formMultiAP. T...

PT-2025-25595 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200T version 4.1.2cu.5232 B20210713 Description: A critical vulnerability was found in the TOTOLINK EX1200T, affecting an unknown function of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of...

TOTOLINK T10 安全漏洞

The TOTOLINK T10 is a wireless router manufactured by TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK T10 version 4.1.8cu.5207, which affects the function setWiFiMeshName in the /cgi-bin/cstecgi.cgi file of the component's POST request handler.An attacker can exploit the vulnerabilit...

CVE-2025-5850 Tenda AC15 HTTP POST Request SetLEDCf formsetschedled buffer overflow

A vulnerability was found in Tenda AC15 15.03.05.19multi. It has been declared as critical. This vulnerability affects the function formsetschedled of the file /goform/SetLEDCf of the component HTTP POST Request Handler. The manipulation of the argument Time leads to buffer overflow. The attack c...

CVE-2025-5848

CVE-2025-5848 affects the Tenda AC15 router (version 15.03.05.19_multi). The vulnerability is in the HTTP POST Request Handler, specifically the formSetPPTPUserList function in /goform/setPptpUserList. By manipulating the argument list, it triggers a buffer overflow, enabling remote exploitation....