CVE-2025-7460 – TOTOLINK T6 HTTP POST Request Handler Buffer Overflow Vulnerability

July 11, 2025

CVE ID : CVE-2025-7460

Published : July 11, 2025, 10:15 p.m. | 2 hours, 52 minutes ago

Description : A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5199 – Canonical Multipass Privilege Escalation Vulnerability

Next Article CVE-2025-53636 – Open OnDemand Shell App Log Flood Denial of Service Vulnerability

Highlights

CVE-2025-6739 – WordPress WPQuiz SQL Injection Vulnerability

July 3, 2025

CVE ID : CVE-2025-6739

Published : July 4, 2025, 3:15 a.m. | 22 minutes ago

Description : The WPQuiz plugin for WordPress is vulnerable to SQL Injection via the ‘id’ attribute of the ‘wpquiz’ shortcode in all versions up to, and including, 0.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Microsoft donates DocumentDB to the Linux Foundation

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

ChatGPT is reportedly scraping Google Search data to answer your questions – here’s how

The 10 best early Labor Day deals live now: Save on Apple, Samsung and more

5 rumored Apple iPhone Fold features that have me excited (and frustrated at the same time)

Forget plug-and-play AI: Here’s what successful AI projects do differently

Log Outgoing HTTP Requests with the Laravel Spy Package

Log Outgoing HTTP Requests with the Laravel Spy Package

devdojo/auth

Rust Slices: Cutting Into References the Safe Way

Best AI Girlfriend Simulator [2025 Working Apps and Websites]

Best AI Girlfriend Simulator [2025 Working Apps and Websites]

8 Best Paid and Free AI Sexting Chat Apps in 2025

Best AI Anime Art Generator: 7 Best to Use [Free & Premium]

CVE-2025-7460 – TOTOLINK T6 HTTP POST Request Handler Buffer Overflow Vulnerability

Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing

Buffalo Police Detective Indicted for Attempted Purchases on Genesis Market

CVE-2025-5490 – WordPress Football Pool Stored Cross-Site Scripting Vulnerability

The 5 Linux AppImages I depend on daily – and how to add them to your desktop menu

Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates

Critical Frauscher Flaws (CVE-2025-3626 CVSS 9.1, CVE-2025-3705 CVSS 6.8): OS Command Injection Threatens Railway Systems

CVE-2025-6739 – WordPress WPQuiz SQL Injection Vulnerability

CVE-2025-6107 – ComfyAnonymous ComfyUI Remote Object Attribute Manipulation Vulnerability

Researchers Introduce MMLONGBENCH: A Comprehensive Benchmark for Long-Context Vision-Language Models

The Gaming Desktop I’ve Relied on More Than Any Other Is More Powerful and Sleeker Than Ever — But Damn, It’s Expensive

CVE-2025-7460 – TOTOLINK T6 HTTP POST Request Handler Buffer Overflow Vulnerability

Related Posts