CVE-2025-6299 – TOTOLINK N150RT Os Command Injection Vulnerability

June 20, 2025

CVE ID : CVE-2025-6299

Published : June 20, 2025, 3:15 a.m. | 3 hours, 26 minutes ago

Description : A vulnerability classified as critical has been found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the file /boa/formWSC. The manipulation of the argument targetAPSsid leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6301 – PHPGurukul Notice Board System Cross-Site Scripting Vulnerability

Next Article CVE-2025-6303 – Code-projects Online Shoe Store SQL Injection Vulnerability

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

Development Release: Ubuntu 25.10 Beta

Development Release: Linux Mint 7 Beta “LMDE”

Student Performance Prediction System using Python Machine Learning (ML)

Student Performance Prediction System using Python Machine Learning (ML)

The attack on the npm ecosystem continues

Feature Highlight

Hyprland Made Easy: Preconfigured Beautiful Distros

Hyprland Made Easy: Preconfigured Beautiful Distros

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

CVE-2025-6299 – TOTOLINK N150RT Os Command Injection Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

The Hidden Trade-Offs of Scriptless Automation Are You Sacrificing Strategy for Speed?

Mamorukun ReCurse! Brings Bullet Hell Action to Xbox Series X|S This September

CVE-2025-46722 – VLLM Image Hash Collision Vulnerability

CVE-2025-5325 – Zhilink ADP Application Developer Platform Template Engine Code Injection Vulnerability

Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero

The MSI Claw A8 handheld gaming PC appears for preorder in Europe — eye watering price is an understatement

Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse

4 ways to level up your gaming on Linux, starting with the right distro

CVE-2025-6299 – TOTOLINK N150RT Os Command Injection Vulnerability

Related Posts