CVE-2025-5904 – TOTOLINK T10 Buffer Overflow in POST Request Handler

June 9, 2025

CVE ID : CVE-2025-5904

Published : June 10, 2025, 12:15 a.m. | 1 hour, 23 minutes ago

Description : A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the function setWiFiMeshName of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument device_name leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5905 – TOTOLINK T10 Buffer Overflow in POST Request Handler

Next Article CVE-2025-5903 – TOTOLINK T10 Buffer Overflow in POST Request Handler

Highlights

CVE-2025-4016 – Novel-Plus LogController Java Remote Authorization Bypass

April 28, 2025

CVE ID : CVE-2025-4016

Published : April 28, 2025, 11:15 a.m. | 1 hour, 14 minutes ago

Description : A vulnerability classified as critical has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This affects the function deleteIndex of the file novel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

Copilot Vision just launched — and Microsoft already added new features

Master Data Management: The Key to Improved Analytics Reporting

Master Data Management: The Key to Improved Analytics Reporting

Salesforce Lead-to-Revenue Management

React Native 0.80 – React 19.1, JS API Changes, Freezing Legacy Arch and much more

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

CVE-2025-5904 – TOTOLINK T10 Buffer Overflow in POST Request Handler

Apache Tomcat Under Attack: Massive Brute-Force Campaign Targets Manager Interfaces

Warning: Discontinued Amazon Cloud Cam Has Vulnerability (CVE-2025-6031), Exposing Your Network

Why Your Business Needs a React Native Mobile App in 2025📲

Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users

CVE-2025-30675 – Apache CloudStack Access Control Bypass Vulnerability

CVE-2025-48448 – Drupal Admin Audit Trail Resource Exhaustion DoS

CVE-2025-4016 – Novel-Plus LogController Java Remote Authorization Bypass

CVE-2025-5561 – PHPGurukul Curfew e-Pass Management System SQL Injection Vulnerability

CVE-2025-3844 – PeproDev Ultimate Profile Solutions WordPress Authentication Bypass

A bizarre iOS 18.4 bug is surprising iPhone users with random app installs

CVE-2025-5904 – TOTOLINK T10 Buffer Overflow in POST Request Handler

Related Posts