CVE-2025-3995 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

April 28, 2025

CVE ID : CVE-2025-3995

Published : April 28, 2025, 2:15 a.m. | 49 minutes ago

Description : A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /boafrm/fromStaticDHCP of the component LAN Settings Page. The manipulation of the argument Hostname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleNew Xbox games launching this week, from April 28 through May 4 — Towerborne arrives in Xbox Game Pass

Next Article CVE-2025-3994 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

Representative Line: Brace Yourself

Beyond the Pilot: A Playbook for Enterprise-Scale Agentic AI

GitHub launches MCP Registry to provide central location for trusted servers

MongoDB brings Search and Vector Search to self-managed versions of database

Distribution Release: Security Onion 2.4.180

Distribution Release: Omarchy 3.0.1

Distribution Release: Mauna Linux 25

Distribution Release: SparkyLinux 2025.09

AI Momentum and Perficient’s Inclusion in Analyst Reports – Highlights From 2025 So Far

AI Momentum and Perficient’s Inclusion in Analyst Reports – Highlights From 2025 So Far

Shopping Portal using Python Django & MySQL

Perficient Earns Adobe’s Real-time CDP Specialization

Valve Survey Reveals Slight Retreat in Steam-on-Linux Share

Valve Survey Reveals Slight Retreat in Steam-on-Linux Share

Review: Elecrow’s All-in-one Starter Kit for Pico 2

FOSS Weekly #25.38: GNOME 49 Release, KDE Drama, sudo vs sudo-rs, Local AI on Android and More Linux Stuff

CVE-2025-3995 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Microsoft shareholders call for review of ties to Israel — “In the face of serious allegations of complicity in genocide and other international crimes, Microsoft’s HRDD processes appear ineffective”

10 must-try Google Photos tips and tricks – including a new AI editor

CVE-2025-7961 – Wulkano KAP Code Injection Vulnerability

CVE-2025-5849 – Tenda AC15 HTTP POST Request Handler Stack-Based Buffer Overflow Vulnerability

CVE-2025-50054 – OpenVPN Buffer Overflow

CVE-2025-7147 – CodeAstro Patient Record Management System SQL Injection

Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents

CVE-2025-27953 – Citrix Clinical Collaboration Platform Remote Code Execution and Information Disclosure

CVE-2025-3995 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

Related Posts