CVE-2025-8244 – TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability

July 28, 2025

CVE ID : CVE-2025-8244

Published : July 27, 2025, 10:15 p.m. | 1 day, 1 hour ago

Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. Affected is an unknown function of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-8245 – Totolink X15 HTTP POST Request Handler Buffer Overflow Vulnerability

Next Article CVE-2025-8243 – TOTOLINK X15 HTTP POST Request Handler Buffer Overflow

Highlights

CVE-2025-37987 – Linux PDS Core AdminQ Overflow/Stuck Condition Vulnerability

May 20, 2025

CVE ID : CVE-2025-37987

Published : May 20, 2025, 6:15 p.m. | 34 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

pds_core: Prevent possible adminq overflow/stuck condition

The pds_core’s adminq is protected by the adminq_lock, which prevents
more than 1 command to be posted onto it at any one time. This makes it
so the client drivers cannot simultaneously post adminq commands.
However, the completions happen in a different context, which means
multiple adminq commands can be posted sequentially and all waiting
on completion.

On the FW side, the backing adminq request queue is only 16 entries
long and the retry mechanism and/or overflow/stuck prevention is
lacking. This can cause the adminq to get stuck, so commands are no
longer processed and completions are no longer sent by the FW.

As an initial fix, prevent more than 16 outstanding adminq commands so
there’s no way to cause the adminq from getting stuck. This works
because the backing adminq request queue will never have more than 16
pending adminq commands, so it will never overflow. This is done by
reducing the adminq depth to 16.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

From Data To Decisions: UX Strategies For Real-Time Dashboards

Honeycomb launches AI observability suite for developers

Low-Code vs No-Code Platforms for Node.js: What CTOs Must Know Before Investing

ServiceNow unveils Zurich AI platform

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Optimizely Mission Control – Part III

Optimizely Mission Control – Part III

Learning from PHP Log to File Example

Online EMI Calculator using PHP – Calculate Loan EMI, Interest, and Amortization Schedule

DistroWatch Weekly, Issue 1139

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

Dmitry — The Deep Magic

CVE-2025-8244 – TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-4213 – PHPGurukul Online Birth Certificate System SQL Injection Vulnerability

RIP, Perfect Dark — Xbox leadership canceled my most-anticipated game, and the developers deserved better

CVE-2025-40663 – i2A Cronos Stored XSS

CVE-2025-32457 – Quantenna Wi-Fi Chipset Command Injection Vulnerability

CVE-2025-37987 – Linux PDS Core AdminQ Overflow/Stuck Condition Vulnerability

How to Make IT Operations More Efficient with AIOps: Build Smarter, Faster Systems

Gemini adds powerful new Deep Think model – what it does and who can try it

CVE-2025-27031 – Cisco Router IOCTL Memory Corruption

CVE-2025-8244 – TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability

Related Posts