CVE-2025-5515 – TOTOLINK X2000R Command Injection Vulnerability

June 3, 2025

CVE ID : CVE-2025-5515

Published : June 3, 2025, 6:15 p.m. | 1 hour, 15 minutes ago

Description : A vulnerability, which was classified as critical, has been found in TOTOLINK X2000R 1.0.0-B20230726.1108. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel. The manipulation of the argument devicemac1 leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5516 – TOTOLINK X2000R Cross-Site Scripting Vulnerability

Next Article CVE-2025-5513 – Quequnlong Shiyi-Blog Cross-Site Scripting Vulnerability

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

In MCP era API discoverability is now more important than ever

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

Multiple reports suggest a Persona 4 Remake from Atlus will be announced during the Xbox Games Showcase

TC39 advances numerous proposals at latest meeting

TC39 advances numerous proposals at latest meeting

TypeBridge – zero ceremony, compile time rpc for client and server com

Simplify Cloud-Native Development with Quarkus Extensions

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

CVE-2025-5515 – TOTOLINK X2000R Command Injection Vulnerability

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

CVE-2025-4318 Critical RCE in AWS Amplify Codegen UI

Getting started with Amazon Bedrock Agents custom orchestrator

NVIDIA AI Introduces Cosmos World Foundation Model (WFM) Platform to Advance Physical AI Development

JetBrains AI Assistant : Revolutionizing Tech Solutions

Meet FluidML: A Generic Runtime Memory Management and Optimization Framework for Faster, Smarter Machine Learning Inference

Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions

CVE-2024-55910 – IBM Concert Software SSRF Vulnerability

Simple Button Design Tips That Make a Big Impact

BSD Release: BSD Router Project 1.994

CVE-2025-5515 – TOTOLINK X2000R Command Injection Vulnerability

Related Posts