CVE-2025-5516 – TOTOLINK X2000R Cross-Site Scripting Vulnerability

June 3, 2025

CVE ID : CVE-2025-5516

Published : June 3, 2025, 6:15 p.m. | 1 hour, 15 minutes ago

Description : A vulnerability, which was classified as problematic, was found in TOTOLINK X2000R 1.0.0-B20230726.1108. This affects an unknown part of the file /boafrm/formFilter of the component URL Filtering Page. The manipulation of the argument URL Address leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5520 – Open5GS AMF/MME Reachable Assertion Vulnerability

Next Article CVE-2025-5515 – TOTOLINK X2000R Command Injection Vulnerability

Highlights

CVE-2025-6130 – TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow Vulnerability

June 16, 2025

CVE ID : CVE-2025-6130

Published : June 16, 2025, 5:15 p.m. | 44 minutes ago

Description : A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

AI and its impact on the developer experience, or ‘where is the joy?’

Google launches OSS Rebuild tool to improve trust in open source packages

AI-enabled software development: Risk of skill erosion or catalyst for growth?

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Power bank slapped with a recall? Stop using it now – here’s why

I recommend these budget earbuds over pricier Bose and Sony models – here’s why

Microsoft’s big AI update for Windows 11 is here – what’s new

Slow internet speed on Linux? This 30-second fix makes all the difference

Singleton and Scoped Container Attributes in Laravel 12.21

Singleton and Scoped Container Attributes in Laravel 12.21

wulfheart/laravel-actions-ide-helper

lanos/laravel-cashier-stripe-connect

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

Sam Altman is “terrified” of voice ID fraudsters embracing AI — and threats of US bioweapon attacks keep him up at night

NVIDIA boasts a staggering $111 million in market value per employee — since it became the world’s first $4 trillion company

CVE-2025-5516 – TOTOLINK X2000R Cross-Site Scripting Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Why is your data worth so much? | Unlocked 403 cybersecurity podcast (S2E4)

CVE-2025-7475 – Simple Car Rental System SQL Injection Vulnerability

Windows Update Cleanup Tool: 3 Ways to Clear Saved Cache

CVE-2025-47964 – Microsoft Edge (Chromium-based) URI Spoofing

The Identities Behind AI Agents: A Deep Dive Into AI & NHI

CVE-2025-6130 – TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow Vulnerability

Get a Google Pixel 9a and Pixel Buds A-Series on T-Mobile – here’s how it works

Is your Microsoft account passwordless yet? Why it (probably) should be and how to do it right

Google Shuts Down Legacy Exchange Migration Tool, Sets May 31 Deadline

CVE-2025-5516 – TOTOLINK X2000R Cross-Site Scripting Vulnerability

Related Posts