CVE-2025-3995 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

April 28, 2025

CVE ID : CVE-2025-3995

Published : April 28, 2025, 2:15 a.m. | 49 minutes ago

Description : A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /boafrm/fromStaticDHCP of the component LAN Settings Page. The manipulation of the argument Hostname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleNew Xbox games launching this week, from April 28 through May 4 — Towerborne arrives in Xbox Game Pass

Next Article CVE-2025-3994 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

I like SteelSeries’ tiniest high performance gaming keyboard, but it’s not the only great magnetic option

Motion Highlights #5

How to make LinkedIn work for you: 3 things you must get right

My top gaming laptop of 2024 defended its crown with a redesign, but lost one of my favorite features

Brisa 0.2.12 – Near 0.3 🔜

Brisa 0.2.12 – Near 0.3 🔜

Essential Git Command Reference: The Core Operations Every Developer Needs

nativephp/electron

I like SteelSeries’ tiniest high performance gaming keyboard, but it’s not the only great magnetic option

I like SteelSeries’ tiniest high performance gaming keyboard, but it’s not the only great magnetic option

Microsoft says it accidentally broke Windows 10 Start menu, taskbar recent files feature

OpenCPN is a ship-borne GUI navigation application

CVE-2025-3995 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks

Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers

Number of actors in E2E tests

Meta AI Introduces AdaCache: A Training-Free Method to Accelerate Video Diffusion Transformers (DiTs)

Dark Web Actor Claims Shadow PC Data Breach Targeting UK-Based Cloud Service Provider

Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection

Exporting Test Cases with Attachments?

A CSS-Only Star Rating Component and More! (Part 1)

Manage Events, Feature Flags, and More with PostHog for Laravel

Xbox Cloud saves on Steam? Avowed continues new trend for Microsoft games

CVE-2025-3995 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

Related Posts