CVE-2025-3993 – TOTOLINK N150RT Buffer Overflow Vulnerability

April 28, 2025

CVE ID : CVE-2025-3993

Published : April 28, 2025, 1:15 a.m. | 1 hour, 25 minutes ago

Description : A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525 and classified as critical. This issue affects some unknown processing of the file /boafrm/formWsc. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3994 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

Next Article CVE-2025-3992 – TOTOLINK N150RT Buffer Overflow Vulnerability

Highlights

CVE-2025-3889 – WordPress Simple Shopping Cart Insecure Direct Object Reference

May 1, 2025

CVE ID : CVE-2025-3889

Published : May 1, 2025, 12:15 p.m. | 53 minutes ago

Description : The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 via the ‘process_payment_data’ due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to change the quantity of a product to a negative number, which subtracts the product cost from the total order cost. The attack will only work with Manual Checkout mode, as PayPal and Stripe will not process payments for a negative quantity.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

React.js for SaaS Platforms: How Top Development Teams Help Startups Launch Faster

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

Unplugging these 7 common household devices helped reduce my electricity bills

DistroWatch Weekly, Issue 1133

Anthropic beats OpenAI as the top LLM provider for business – and it’s not even close

I bought Samsung’s Galaxy Watch Ultra 2025 – here’s why I have buyer’s remorse

The details of TC39’s last meeting

The details of TC39’s last meeting

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

DistroWatch Weekly, Issue 1133

DistroWatch Weekly, Issue 1133

Newelle, a ‘Virtual Assistant’ for GNOME, Hits Version 1.0

Bustle – visualize D-Bus activity

CVE-2025-3993 – TOTOLINK N150RT Buffer Overflow Vulnerability

CVE-2025-6754 – “WordPress SEO Metrics Privilege Escalation”

CVE-2025-7710 – “Brave Conversion Engine WordPress Facebook Authentication Bypass”

13 Best Free and Open Source Linux Camera Tools

This AI Paper from Microsoft Introduces a DiskANN-Integrated System: A Cost-Effective and Low-Latency Vector Search Using Azure Cosmos DB

Celebrating GAAD by Committing to Universal Design: Starting with Equitable Use for Everyone

CVE-2025-5098 – PrinterShare Gmail Token Capture Vulnerability

CVE-2025-3889 – WordPress Simple Shopping Cart Insecure Direct Object Reference

CVE-2025-6276 – Brilliance Golden Link Secondary System SQL Injection Vulnerability

CVE-2025-52439 – Cisco WebEx Meeting Center Unvalidated Redirect

CVE-2025-3822 – SourceCodester Web-based Pharmacy Product Management System Cross-Site Scripting Vulnerability

CVE-2025-3993 – TOTOLINK N150RT Buffer Overflow Vulnerability

Related Posts