CVE-2025-5507 – TOTOLINK A3002RU Cross-Site Scripting Vulnerability

June 3, 2025

CVE ID : CVE-2025-5507

Published : June 3, 2025, 4:15 p.m. | 3 hours, 15 minutes ago

Description : A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component MAC Filtering Page. The manipulation of the argument Comment leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5508 – TOTOLINK A3002RU Cross-Site Scripting Vulnerability

Next Article CVE-2025-44148 – MailEnable Cross Site Scripting (XSS)

Highlights

CVE-2025-35003 – Apache NuttX RTOS Bluetooth Stack Buffer Overflow and Restriction Bypass Vulnerabilities

May 26, 2025

CVE ID : CVE-2025-35003

Published : May 26, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : Improper Restriction of Operations within the Bounds of a Memory Buffer and Stack-based Buffer Overflow vulnerabilities were discovered in Apache NuttX RTOS Bluetooth Stack (HCI and UART components) that may result in system crash, denial of service, or arbitrary code execution, after receiving maliciously crafted packets.

NuttX’s Bluetooth HCI/UART stack users are advised to upgrade to version 12.9.0, which fixes the identified implementation issues.

This issue affects Apache NuttX: from 7.25 before 12.9.0.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

In MCP era API discoverability is now more important than ever

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

Multiple reports suggest a Persona 4 Remake from Atlus will be announced during the Xbox Games Showcase

TC39 advances numerous proposals at latest meeting

TC39 advances numerous proposals at latest meeting

TypeBridge – zero ceremony, compile time rpc for client and server com

Simplify Cloud-Native Development with Quarkus Extensions

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

CVE-2025-5507 – TOTOLINK A3002RU Cross-Site Scripting Vulnerability

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

CVE-2025-4318 Critical RCE in AWS Amplify Codegen UI

CVE-2024-54952 – MikroTik RouterOS SMB Service Remote Denial of Service

Maximize your file server data’s potential by using Amazon Q Business on Amazon FSx for Windows

You can now mirror Android’s screen to Windows 11 from the Start menu

How I use this Android phone with thermal vision superpowers (and why you need it)

CVE-2025-35003 – Apache NuttX RTOS Bluetooth Stack Buffer Overflow and Restriction Bypass Vulnerabilities

18 Best Free and Open Source Linux Time Tracking Software

Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability

The impressive pocket-sized projector casts an 80-inch video – and it’s on sale

CVE-2025-5507 – TOTOLINK A3002RU Cross-Site Scripting Vulnerability

Related Posts