CVE-2025-6401 – TOTOLINK N300RH HTTP POST Message Handler Denial of Service Vulnerability

June 21, 2025

CVE ID : CVE-2025-6401

Published : June 21, 2025, 7:15 a.m. | 3 hours, 33 minutes ago

Description : A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message Handler. The manipulation of the argument url leads to denial of service. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6402 – TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability

Next Article CVE-2025-5143 – TableOn – WordPress Posts Table Filterable Stored Cross-Site Scripting

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

Borderlands 4 is killing off a tired “FOMO” trend — I hope other developers follow suit

Dr. Axel’s JavaScript flashcards

Dr. Axel’s JavaScript flashcards

Syntax-Highlight – Custom Element For Syntax Highlighting Content

WelsonJS – Build a Windows app on the Windows built-in JavaScript engine

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

CVE-2025-6401 – TOTOLINK N300RH HTTP POST Message Handler Denial of Service Vulnerability

CVE-2025-5034 – WordPress wp-file-download Reflected Cross-Site Scripting

CVE-2025-6400 – TOTOLINK N300RH HTTP POST Message Handler Buffer Overflow Vulnerability

Fast forward TMS

ClamAV 1.4.3 and 1.0.9 Released With Fix for Vulnerabilities that Enable Remote Code Execution

CVE-2025-44830 – EngineerCMS SQL Injection

Senators Peters and Rounds Lead Bipartisan Push to Extend Critical Cybersecurity Information Sharing Protections

AI unleashes more advanced scams. Here’s what to look out for (and how to stay protected)

CVE-2025-46482 – MyThemeShop WP Quiz Stored Cross-site Scripting Vulnerability

Dexed is a multi format plugin synth

The Future of Web Design

CVE-2025-6401 – TOTOLINK N300RH HTTP POST Message Handler Denial of Service Vulnerability

Related Posts