CVE-2025-6130 – TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow Vulnerability

June 16, 2025

CVE ID : CVE-2025-6130

Published : June 16, 2025, 5:15 p.m. | 44 minutes ago

Description : A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6131 – CodeAstro Food Ordering System Cross-Site Scripting Vulnerability

Next Article CVE-2025-6177 – Google ChromeOS MiniOS Debug Shell Privilege Escalation

Highlights

CVE-2025-7696 – Pipedrive WordPress Plugin PHP Object Injection Vulnerability

July 19, 2025

CVE ID : CVE-2025-7696

Published : July 19, 2025, 5:15 a.m. | 18 hours, 29 minutes ago

Description : The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.3 via deserialization of untrusted input within the verify_field_val() function. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain in the Contact Form 7 plugin, which is likely to be used alongside, allows attackers to delete arbitrary files, leading to a denial of service or remote code execution when the wp-config.php file is deleted.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Functionally, a Date

Creating Elastic And Bounce Effects With Expressive Animator

Microsoft shares Insiders preview of Visual Studio 2026

From Data To Decisions: UX Strategies For Real-Time Dashboards

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Can I use React Server Components (RSCs) today?

Can I use React Server Components (RSCs) today?

Perficient Named among Notable Providers in Forrester’s Q3 2025 Commerce Services Landscape

Sarah McDowell Helps Clients Build a Strong AI Foundation Through Salesforce

I Ran Local LLMs on My Android Phone

I Ran Local LLMs on My Android Phone

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

CVE-2025-6130 – TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-55161 – Stirling-PDF SSRF

CVE-2025-5836 – Tenda AC9 Command Injection Vulnerability

This Week in Laravel: No More dd() and No More DB Enums?

Using Amazon OpenSearch ML connector APIs

CVE-2025-7696 – Pipedrive WordPress Plugin PHP Object Injection Vulnerability

The Complete Guide to Document Processing: Technologies, Workflows, and the Future of Automation

China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil

Swiss bank data released by hackers

CVE-2025-6130 – TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow Vulnerability

Related Posts