CVE-2025-5507 – TOTOLINK A3002RU Cross-Site Scripting Vulnerability

June 3, 2025

CVE ID : CVE-2025-5507

Published : June 3, 2025, 4:15 p.m. | 3 hours, 15 minutes ago

Description : A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component MAC Filtering Page. The manipulation of the argument Comment leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5508 – TOTOLINK A3002RU Cross-Site Scripting Vulnerability

Next Article CVE-2025-44148 – MailEnable Cross Site Scripting (XSS)

Highlights

CVE-2025-4454 – D-Link DIR-619L Wake_on_Lan Command Injection Vulnerability

May 9, 2025

CVE ID : CVE-2025-4454

Published : May 9, 2025, 3:15 a.m. | 22 minutes ago

Description : A vulnerability was found in D-Link DIR-619L 2.04B04. It has been declared as critical. This vulnerability affects the function wake_on_lan. The manipulation of the argument mac leads to command injection. The attack can be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

DistroWatch Weekly, Issue 1131

I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

This split keyboard offers deep customization – if you’re willing to go all in

I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

The details of TC39’s last meeting

The details of TC39’s last meeting

Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

Online Examination System using PHP and MySQL

Windows 11 tests “shared audio” to play music via multiple devices, new taskbar animations

Windows 11 tests “shared audio” to play music via multiple devices, new taskbar animations

WhatsApp for Windows 11 is switching back to Chromium web wrapper from UWP/native

DistroWatch Weekly, Issue 1131

CVE-2025-5507 – TOTOLINK A3002RU Cross-Site Scripting Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

FloQast builds an AI-powered accounting transformation solution with Anthropic’s Claude 3 on Amazon Bedrock

CVE-2025-4832 – TOTOLINK HTTP POST Request Handler Buffer Overflow Vulnerability

SAP NetWeaver 0-day Vulnerability Exploited in the Wild to Deploy Webshells

CodeSOD: The Wrong Kind of Character

CVE-2025-4454 – D-Link DIR-619L Wake_on_Lan Command Injection Vulnerability

Microsoft Edge will lose all these features this month

CVE-2025-27247 – OpenHarmony Information Leak Vulnerability

CVE-2025-4465 – iSourcecode Gym Management System SQL Injection Vulnerability

CVE-2025-5507 – TOTOLINK A3002RU Cross-Site Scripting Vulnerability

Related Posts