CVE-2025-6149 - TOTOLINK A3002R HTTP POST Request Handler Buffer Overflow

CVE ID : CVE-2025-6149

Published : June 17, 2025, 1:15 a.m. | 25 minutes ago

Description : A vulnerability classified as critical has been found in TOTOLINK A3002R 4.0.0-B20230531.1404. Affected is an unknown function of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

CVE-2025-41234 – VMware Spring Framework Reflected File Download Vulnerability

June 12, 2025

CVE ID : CVE-2025-41234

Published : June 12, 2025, 10:15 p.m. | 3 hours, 47 minutes ago

Description : Description

In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download (RFD) attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename attribute is derived from user-supplied input.

Specifically, an application is vulnerable when all the following are true:

* The header is prepared with org.springframework.http.ContentDisposition.
* The filename is set via ContentDisposition.Builder#filename(String, Charset).
* The value for the filename is derived from user-supplied input.
* The application does not sanitize the user-supplied input.
* The downloaded content of the response is injected with malicious commands by the attacker (see RFD paper reference for details).

An application is not vulnerable if any of the following is true:

* The application does not set a “Content-Disposition” response header.
* The header is not prepared with org.springframework.http.ContentDisposition.
* The filename is set via one of: * ContentDisposition.Builder#filename(String), or
* ContentDisposition.Builder#filename(String, ASCII)

* The filename is not derived from user-supplied input.
* The filename is derived from user-supplied input but sanitized by the application.
* The attacker cannot inject malicious content in the downloaded content of the response.

Affected Spring Products and VersionsSpring Framework:

* 6.2.0 – 6.2.7
* 6.1.0 – 6.1.20
* 6.0.5 – 6.0.28
* Older, unsupported versions are not affected

MitigationUsers of affected versions should upgrade to the corresponding fixed version.

Affected version(s)Fix versionAvailability6.2.x6.2.8OSS6.1.x6.1.21OSS6.0.x6.0.29 Commercial https://enterprise.spring.io/ No further mitigation steps are necessary.

CWE-113 in `Content-Disposition` handling in VMware Spring Framework versions 6.0.5 to 6.2.7 allows remote attackers to launch Reflected File Download (RFD) attacks via unsanitized user input in `ContentDisposition.Builder#filename(String, Charset)` with non-ASCII charsets.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Vibe Loop: AI-native reliability engineering for the real world

Docker Compose gets new features for building and running agents

Why Enterprises Are Choosing AI-Driven React.js Development Companies in 2025

Unmasking The Magic: The Wizard Of Oz Method For UX Research

How I personalized my ChatGPT conversations – why it’s a game changer

Xbox Game Pass deals ranged from “$50,000 to $50,000,000” — offering a glimpse at how much Microsoft drops on content

The Division 2’s new Brooklyn Archivist Merit Commendation was driving me INSANE — it turns out there’s a sneaky extra step you need to do first

Alan Wake 2 for Xbox Series X is on sale during Amazon Prime Day — dive into Remedy’s title that “bloodily earns its place as a horror game”

Salesforce Health Cloud Demo: Provider Search & Network Management in Action

Salesforce Health Cloud Demo: Provider Search & Network Management in Action

Oracle Cloud EPM: Transitioning to Forms 2.0, Dashboards 2.0 by October 2025

This Week in Laravel: React.js, Filament vs Laravel, and Junior Test

Xbox Game Pass deals ranged from “$50,000 to $50,000,000” — offering a glimpse at how much Microsoft drops on content

Xbox Game Pass deals ranged from “$50,000 to $50,000,000” — offering a glimpse at how much Microsoft drops on content

The Division 2’s new Brooklyn Archivist Merit Commendation was driving me INSANE — it turns out there’s a sneaky extra step you need to do first

Alan Wake 2 for Xbox Series X is on sale during Amazon Prime Day — dive into Remedy’s title that “bloodily earns its place as a horror game”

CVE-2025-6149 – TOTOLINK A3002R HTTP POST Request Handler Buffer Overflow

Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

CVE-2025-4263 – PHPGurukul Online DJ Booking Management System SQL Injection Vulnerability

5 Tools to Enhance Your AppImage Experience on Linux

Google DeepMind Releases Gemma 3n: A Compact, High-Efficiency Multimodal AI Model for Real-Time On-Device Use

Designing Inclusive Dark Modes

CVE-2025-41234 – VMware Spring Framework Reflected File Download Vulnerability

Redpanda Announces the General Availability of Apache Iceberg Topics for the Enterprise

CVE-2025-5136 – Tmall Payment Identifier Handler Insecure Randomness Remote Vulnerability

CVE-2025-20985 – Microsoft Xbox ThemeManager Privilege Escalation Vulnerability

CVE-2025-6149 – TOTOLINK A3002R HTTP POST Request Handler Buffer Overflow

Related Posts