CVE-2025-5506 – TOTOLINK A3002RU Cross-Site Scripting in NAT Mapping Page

June 3, 2025

CVE ID : CVE-2025-5506

Published : June 3, 2025, 3:16 p.m. | 17 minutes ago

Description : A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of the component NAT Mapping Page. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4205 – WordPress Popup Maker Stored Cross-Site Scripting Vulnerability

Next Article CVE-2025-5504 – TOTOLINK X2000R Command Injection Vulnerability

Highlights

CVE-2025-46728: cpp-httplib Vulnerability Exposes Servers to Denial of Service

May 7, 2025

CVE-2025-46728: cpp-httplib Vulnerability Exposes Servers to Denial of Service

The cpp-httplib, a C++11 single-file header-only cross-platform HTTP/HTTPS library known for its ease of setup, is facing a serious security vulnerability. A recently identified flaw, tracked as CVE-2 …
Read more

Published Date:
May 07, 2025 (3 hours, 20 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-46728

CVE-2025-47241

CVE-2024-12254

CVE-2024-11120

CVE-2024-6047

June 2025: All AI updates from the past month

Building a culture that will drive platform engineering success

Gartner: More than 40% of agentic AI projects will be canceled in the next few years

Never Stop Exploring (July 2025 Wallpapers Edition)

I never thought I’d praise a kickstand power bank – until I tried this one

I replaced my work PC with this Alienware laptop – now I’m wondering why I hadn’t done this sooner

How to set up Alexa to receive notifications on Prime Day deals you want

How proxy servers actually work, and why they’re so valuable

Top 6 MySQL Database Management Struggles for Laravel Developers (And Smart Fixes)

Top 6 MySQL Database Management Struggles for Laravel Developers (And Smart Fixes)

What’s the difference between named functions and arrow functions in JavaScript?

Spring Boot + Swagger: A Complete Guide to API Documentation

Relive the Golden Era: 5 Tools to Get Retro Feel on Linux

Relive the Golden Era: 5 Tools to Get Retro Feel on Linux

mpvc – mpc-like CLI tool for mpv

sherpa-onnx is speech-to-text and text-to-speech software

CVE-2025-5506 – TOTOLINK A3002RU Cross-Site Scripting in NAT Mapping Page

Google waarschuwt voor actief misbruik van V8-kwetsbaarheid in Chrome

Linux Kernel 6.16-rc4 Released: Focus on Filesystem Fixes, Driver Improvements, & Hardware Support

8 Best Free Security WordPress Plugins

I’ve Seen Things

Bayesian Belief Networks: Tools, Use Cases & Beginner Guide 2025

NativePHP for Mobile v1 — Launching May 2

CVE-2025-46728: cpp-httplib Vulnerability Exposes Servers to Denial of Service

Laravel Too Many Login Attempts: Restrict and Customize

CVE-2025-4265 – PHPGurukul Emergency Ambulance Hiring Portal SQL Injection Vulnerability

CVE-2024-12827 – WordPress DWT Directory & Listing Theme Privilege Escalation Vulnerability

CVE-2025-5506 – TOTOLINK A3002RU Cross-Site Scripting in NAT Mapping Page

Related Posts