CVE-2025-6393 – TOTOLINK HTTP POST Request Handler Buffer Overflow Vulnerability

June 20, 2025

CVE ID : CVE-2025-6393

Published : June 21, 2025, 1:15 a.m. | 31 minutes ago

Description : A vulnerability was found in TOTOLINK A702R, A3002R, A3002RU and EX1200T 3.0.0-B20230809.1615/4.0.0-B20230531.1404/4.0.0-B20230721.1521/4.1.2cu.5232_B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleOne of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

Next Article CVE-2025-6375 – Poco Null Pointer Dereference Vulnerability

Highlights

CVE-2025-5384 – JeeWMS SQL Injection Vulnerability

May 31, 2025

CVE ID : CVE-2025-5384

Published : May 31, 2025, 4:15 p.m. | 1 hour, 29 minutes ago

Description : A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListController.do?datagrid. The manipulation leads to sql injection. It is possible to initiate the attack remotely. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

I love that transparent technology is making a comeback — and one of the biggest gaming companies has joined the fun

“Let’s amp up everything” — Directive 8020 is Alien meets The Thing, and it’s introducing these huge changes for Supermassive’s cinematic horror games

Poll: Is Xbox heading in the right direction? Cast your vote here!

Microsoft is blocking Google Chrome in the name of family safety — but this time it actually makes sense

Lakeflow: Revolutionizing SCD2 Pipelines with Change Data Capture (CDC)

Lakeflow: Revolutionizing SCD2 Pipelines with Change Data Capture (CDC)

vitorccs/laravel-csv

Dr. Axel’s JavaScript flashcards

I love that transparent technology is making a comeback — and one of the biggest gaming companies has joined the fun

I love that transparent technology is making a comeback — and one of the biggest gaming companies has joined the fun

“Let’s amp up everything” — Directive 8020 is Alien meets The Thing, and it’s introducing these huge changes for Supermassive’s cinematic horror games

Poll: Is Xbox heading in the right direction? Cast your vote here!

CVE-2025-6393 – TOTOLINK HTTP POST Request Handler Buffer Overflow Vulnerability

ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks

Your Xbox can now store everything — if you sell a kidney first

Berserk is a UCI compliant chess engine

The Elder Scrolls 4: Oblivion Remastered — what’s new and different compared to the original, and why is it better?

Outside Processing vs Contract Manufacturing

CVE-2025-5384 – JeeWMS SQL Injection Vulnerability

RT-2: New model translates vision and language into action

CVE-2025-3961 – Withstars Books-Management-System Cross-Site Scripting Vulnerability

What AI pioneer Yoshua Bengio is doing next to make AI safer

CVE-2025-6393 – TOTOLINK HTTP POST Request Handler Buffer Overflow Vulnerability

Related Posts