CVE-2025-6400 – TOTOLINK N300RH HTTP POST Message Handler Buffer Overflow Vulnerability

June 21, 2025

CVE ID : CVE-2025-6400

Published : June 21, 2025, 6:15 a.m. | 3 hours, 14 minutes ago

Description : A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formPortFw of the component HTTP POST Message Handler. The manipulation of the argument service_type leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5143 – TableOn – WordPress Posts Table Filterable Stored Cross-Site Scripting

Next Article CVE-2025-5034 – WordPress wp-file-download Reflected Cross-Site Scripting

Highlights

CVE-2025-4718 – Campcodes Sales and Inventory System SQL Injection

May 15, 2025

CVE ID : CVE-2025-4718

Published : May 15, 2025, 9:15 p.m. | 3 hours, 42 minutes ago

Description : A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pages/customer_add.php. The manipulation of the argument last leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

Borderlands 4 is killing off a tired “FOMO” trend — I hope other developers follow suit

Dr. Axel’s JavaScript flashcards

Dr. Axel’s JavaScript flashcards

Syntax-Highlight – Custom Element For Syntax Highlighting Content

WelsonJS – Build a Windows app on the Windows built-in JavaScript engine

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

CVE-2025-6400 – TOTOLINK N300RH HTTP POST Message Handler Buffer Overflow Vulnerability

CVE-2025-5034 – WordPress wp-file-download Reflected Cross-Site Scripting

CVE-2025-5143 – TableOn – WordPress Posts Table Filterable Stored Cross-Site Scripting

WebP Converter converts images to WebP

CVE-2025-4526 – Dígitro NGC Explorer Password Field Masking Vulnerability

CVE-2025-40572 – Siemens SCALANCE LPE9403 Privilege Escalation

XPipe is an awesome shell connection hub and remote file manager

CVE-2025-4718 – Campcodes Sales and Inventory System SQL Injection

CVE-2025-33112 – IBM AIX VIOS Perl Path Traversal Vulnerability

CVE-2025-47701 – Drupal Restrict Route by IP CSRF

How to Debug CI/CD Pipelines: A Handbook on Troubleshooting with Observability Tools

CVE-2025-6400 – TOTOLINK N300RH HTTP POST Message Handler Buffer Overflow Vulnerability

Related Posts