CVE-2025-5542 – TOTOLINK X2000R Cross-Site Scripting Vulnerability in Virtual Server Page

June 3, 2025

CVE ID : CVE-2025-5542

Published : June 3, 2025, 10:15 p.m. | 4 hours, 8 minutes ago

Description : A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument service_type leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-24015 – Deno AES-GCM Authentication Tag Validation Bypass

Next Article Critical CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

I finally gave NotebookLM my full attention – and it really is a total game changer

Google Chrome for iOS now lets you switch between personal and work accounts

How the Trump administration changed AI: A timeline

Download your photos before AT&T shuts down its cloud storage service permanently

Laravel Live Denmark

Laravel Live Denmark

The July 2025 Laravel Worldwide Meetup is Today

Livewire Security Vulnerability

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Halo and Half-Life combine in wild new mod, bringing two of my favorite games together in one — here’s how to play, and how it works

Surprise! The iconic Roblox ‘oof’ sound is back — the beloved meme makes “a comeback so good it hurts” after three years of licensing issues

CVE-2025-5542 – TOTOLINK X2000R Cross-Site Scripting Vulnerability in Virtual Server Page

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

Qsynth is a Qt GUI interface for FluidSynth

Avast Antivirus Vulnerability Let Attackers Escalate Privileges

CVE-2025-5364 – Campcodes Online Hospital Management System SQL Injection

TIS-DPO: Token-level Importance Sampling for Direct Preference Optimization

SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools

passage – age-backed password manager

Real‑world video demo: Using different AI models in GitHub Copilot

Just days after joining Game Pass, the Xbox PC edition of Call of Duty: WW2 is taken offline for “an issue”

CVE-2025-5542 – TOTOLINK X2000R Cross-Site Scripting Vulnerability in Virtual Server Page

Related Posts