A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/panda666-888/vuls/blob/main/totolink/x15/formMapDel.md | Exploit Vendor Advisory |
https://vuldb.com/?ctiid.317831 | Permissions Required |
https://vuldb.com/?id.317831 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.622691 | Third Party Advisory VDB Entry |
https://www.totolink.net/ | Product |
Configurations
Configuration 1 (hide)
AND |
|
History
29 Jul 2025, 21:03
Type | Values Removed | Values Added |
---|---|---|
First Time |
Totolink x15 Firmware
Totolink Totolink x15 |
|
CWE | CWE-787 | |
References | () https://github.com/panda666-888/vuls/blob/main/totolink/x15/formMapDel.md - Exploit, Vendor Advisory | |
References | () https://vuldb.com/?ctiid.317831 - Permissions Required | |
References | () https://vuldb.com/?id.317831 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.622691 - Third Party Advisory, VDB Entry | |
References | () https://www.totolink.net/ - Product | |
CPE | cpe:2.3:o:totolink:x15_firmware:1.0.0-b20230714.1105:*:*:*:*:*:*:* cpe:2.3:h:totolink:x15:-:*:*:*:*:*:*:* |
29 Jul 2025, 14:14
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
27 Jul 2025, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-07-27 22:15
Updated : 2025-07-29 21:03
NVD link : CVE-2025-8243
Mitre link : CVE-2025-8243
CVE.ORG link : CVE-2025-8243
JSON object : View
Products Affected
totolink
- x15_firmware
- x15