CVE-2025-5505 – TOTOLINK A3002RU Cross-Site Scripting Vulnerability in Virtual Server Page

June 3, 2025

CVE ID : CVE-2025-5505

Published : June 3, 2025, 3:16 p.m. | 17 minutes ago

Description : A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011 and classified as problematic. This issue affects some unknown processing of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument service_type leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5504 – TOTOLINK X2000R Command Injection Vulnerability

Next Article CVE-2025-5503 – TOTOLINK X15 Stack-Based Buffer Overflow Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Players aren’t buying Call of Duty’s “error” excuse for the ads Activision started forcing into the game’s menus recently

In Sam Altman’s world, the perfect AI would be “a very tiny model with superhuman reasoning capabilities” for any context

Sam Altman’s ouster from OpenAI was so dramatic that it’s apparently becoming a movie — Will we finally get the full story?

One of Microsoft’s biggest hardware partners joins its “bold strategy, Cotton” moment over upgrading to Windows 11, suggesting everyone just buys a Copilot+ PC

LatAm’s First Databricks Champion at Perficient

LatAm’s First Databricks Champion at Perficient

Beyond AEM: How Adobe Sensei Powers the Full Enterprise Experience

Simplify Negative Relation Queries with Laravel’s whereDoesntHaveRelation Methods

Players aren’t buying Call of Duty’s “error” excuse for the ads Activision started forcing into the game’s menus recently

Players aren’t buying Call of Duty’s “error” excuse for the ads Activision started forcing into the game’s menus recently

In Sam Altman’s world, the perfect AI would be “a very tiny model with superhuman reasoning capabilities” for any context

Sam Altman’s ouster from OpenAI was so dramatic that it’s apparently becoming a movie — Will we finally get the full story?

CVE-2025-5505 – TOTOLINK A3002RU Cross-Site Scripting Vulnerability in Virtual Server Page

Amazon’s $10 Billion AI Boost: North Carolina Lands Major Tech Expansion!

Google Proposes New Browser Security: Your Local Network, Your Permission!

Practice, a book on design and craft by Figma

KEMO SAAS Launches All-In-One Marketing & Sales Platform to Transform Business Workflows

Proton Pass vs. 1Password: Which password manager is right for you?

Xbox CEO Phil Spencer says Xbox Series X|S and PlayStation 5 are too similar — “I want us to innovate and make hardware the differentiator.”

AI-powered ‘narrative attacks’ a growing threat: 3 defense strategies for business leaders

In conversation with AI: building better language models

CVE-2025-41231 – VMware Cloud Foundation Missing Authorization Vulnerability

Notepad is closing WordPad gap on Windows 11 with Markdown, but users are angry

CVE-2025-5505 – TOTOLINK A3002RU Cross-Site Scripting Vulnerability in Virtual Server Page

Related Posts