The vulnerability in the embedded web server microprogramming software of TOTOLINK A3002R, A3002RU, A702R, and EX1200T routers allows a hacker to induce a service failure.

The vulnerability in the embedded web server microprogramming software of TOTOLINK A3002R, A3002RU, A702R, and EX1200T routers is related to the issue of the operation exceeding the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious actor t...

CVE-2025-52795

Cross-Site Request Forgery CSRF vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Cross Site Request Forgery.This issue affects WP Front User Submit / Front Editor: from n/a through = 5.0.6...

TOTOLINK A3002R 安全漏洞

TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3002R suffers from a stack buffer overflow vulnerability, which originates from the parameter submit-url in the file /boafrm/formWlanMultipleAP failing to correctly validate the length and size of the input...

CVE-2025-6402

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack...

CVE-2025-6399

A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to...

TOTOLINK X15 安全漏洞

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability, which originates from the failure of the parameter submit-url in the file /boafrm/formIPv6Addr to properly validate the length and size of the input...

TOTOLINK多款产品 安全漏洞

TOTOLINK A3002RU and others are products of China Gion Electronics TOTOLINK.TOTOLINK A3002RU is a wireless router product.TOTOLINK A702r is a router device.TOTOLINK A3002R is a wireless router. A security vulnerability exists in several TOTOLINK products, which stems from a buffer overflow due to...

TOTOLINK X15 安全漏洞

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the parameter submit-url in file /boafrm/formIpv6Setup failing to correctly validate the length and size of the input data, which...

CVE-2025-52795

Cross-Site Request Forgery CSRF vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Cross Site Request Forgery.This issue affects WP Front User Submit / Front Editor: from n/a through = 5.0.6...

CVE-2025-52795

CVE-2025-52795 : CSRF in WordPress plugin “WP Front User Submit / Front Editor” affects versions up to 4.9.4. Root cause is CSRF that can trigger actions without proper authorization. CVSS v3.1 base score 7.1 (HIGH): network vector, low attack complexity, user interaction required, no confidentia...

CVE-2025-52795 WordPress WP Front User Submit / Front Editor plugin <= 5.0.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Cross Site Request Forgery.This issue affects WP Front User Submit / Front Editor: from n/a through = 5.0.6...

CVE-2025-6336

A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possibl...

WordPress plugin WP Front User Submit / Front Editor 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...

PT-2025-26423 · Unknown · Wp Front User Submit +1

Name of the Vulnerable Software and Affected Versions: aharonyan WP Front User Submit / Front Editor versions through 4.9.4 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows Cross Site Request Forgery. Recommendations: For versions through 4.9.4, update to a...

TOTOLINK EX1200T 安全漏洞

The TOTOLINK EX1200T is a dual-band wireless signal amplifier that is primarily used to extend the coverage of an existing wireless network. TOTOLINK EX1200T suffers from a buffer overflow vulnerability, which originates from the parameter submit-url in the file /boafrm/formTmultiAP failing to...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the restful api-v1 endpoint. An attacker can gain unauthorized access to sensitive operations by submitting jobs through the /hazelcast/rest/maps/submit-job endpoint and setting extra...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the restful api-v1 endpoint. An attacker can gain unauthorized access to sensitive operations by submitting jobs through the /hazelcast/rest/maps/submit-job endpoint and setting extra...

The vulnerability of the built-in boa server (/boafrm/formSysLog) of the TOTOLINK A702R router’s microprogramming software allows a intruder to cause a service failure.

The vulnerability of the built-in boa server /boafrm/formSysLog of the TOTOLINK A702R router’s microprogramming software is related to the issue of the operation exceeding the buffer limits in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious actor ...

The vulnerability of the built-in boa server (/boafrm/formMultiAP) of the TOTOLINK EX1200T router’s microprogramming software allows a intruder to cause a service failure.

The vulnerability of the built-in boa server /boafrm/formMultiAP of the TOTOLINK EX1200T router’s microprogramming system is related to the issue of the operation exceeding the buffer boundaries in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious...

The vulnerability of the built-in boa server (/boafrm/formMultiAP) of the TOTOLINK A3002RU router’s microprogramming software allows a intruder to cause a service failure.

The vulnerability of the built-in boa server /boafrm/formMultiAP of the TOTOLINK A3002RU router’s microprogramming software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious...