CVE Daily

CVE-2025-8242

A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classifi...

High CVSS 8.8

Overview

A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr/url/vpnPassword/vpnUser leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CWE: CWE-119 Published: 2025-07-27T21:15:26.847
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 8.8 (HIGH)
  • Detected tags: buffer (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags