CVE-2025-6337 – TOTOLINK A3002R/A3002RU HTTP POST Request Handler Buffer Overflow

June 20, 2025

CVE ID : CVE-2025-6337

Published : June 20, 2025, 12:15 p.m. | 1 hour, 44 minutes ago

Description : A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615/4.0.0-B20230531.1404. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6336 – TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow

Next Article CVE-2025-38083 – Linux Kernel NetSched Prio Race Condition Underflow

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

Borderlands 4 is killing off a tired “FOMO” trend — I hope other developers follow suit

Dr. Axel’s JavaScript flashcards

Dr. Axel’s JavaScript flashcards

Syntax-Highlight – Custom Element For Syntax Highlighting Content

WelsonJS – Build a Windows app on the Windows built-in JavaScript engine

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

CVE-2025-6337 – TOTOLINK A3002R/A3002RU HTTP POST Request Handler Buffer Overflow

CVE-2025-49763: Apache Traffic Server Vulnerability Enables Memory Exhaustion Attacks

IBM QRadar SIEM Exposed by Trio of Security Flaws, Including Critical Command Execution Bug

CVE-2025-4002 – Apache RefindPlus Local Null Pointer Dereference Vulnerability

This AI Paper Unveils a Reverse-Engineered Simulator Model for Modern NVIDIA GPUs: Enhancing Microarchitecture Accuracy and Performance Prediction

Agency Assassin

CVE-2025-34511 – Sitecore PowerShell Extensions Remote File Upload Vulnerability

Content Writing Services in Chandigarh | Techwalk Solutions

Rilasciata Clonezilla Live 3.2.1-28: tutte le novità della distribuzione GNU/Linux per il backup e la clonazione dei dischi

CVE-2025-48992 – Group-Office Cross-Site Scripting Vulnerability

CVE-2025-4766 – PHPGurukul Zoo Management System SQL Injection Vulnerability

CVE-2025-6337 – TOTOLINK A3002R/A3002RU HTTP POST Request Handler Buffer Overflow

Related Posts