CVE-2025-5542 – TOTOLINK X2000R Cross-Site Scripting Vulnerability in Virtual Server Page

June 3, 2025

CVE ID : CVE-2025-5542

Published : June 3, 2025, 10:15 p.m. | 4 hours, 8 minutes ago

Description : A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument service_type leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-24015 – Deno AES-GCM Authentication Tag Validation Bypass

Next Article Critical CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2025-5542 – TOTOLINK X2000R Cross-Site Scripting Vulnerability in Virtual Server Page

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

More From Our Main Blog: The Good, the Bad and the Ugly in Cybersecurity – Week 24

DOOM: The Dark Ages has been turned into a literal work of art by one fan — as well as having its own tapestry

Submit a new story – Echo JS

Druid is a column-oriented distributed data store

Build an AI-powered document processing platform with open source NER model and LLM on Amazon SageMaker

30+ Best Lightroom Presets for Stunning Portraits

1 billion reasons to protect your identity online

Demis Hassabis & John Jumper awarded Nobel Prize in Chemistry

VS klaagt verdachte aan voor ransomware-aanvallen tegen Exchange-servers

CVE-2025-5542 – TOTOLINK X2000R Cross-Site Scripting Vulnerability in Virtual Server Page

Related Posts