CNNVD-202506-1982 Information

Jun 17, 2025 cve

CNNVD ID

CNNVD-202506-1982

CVE-2025-6165

CNNVD Published: 2025-06-17

Description (Chinese)

TOTOLINK X15是中国吉翁电子（TOTOLINK）公司的一款网络无线扩展器。 TOTOLINK X15 1.0.0-B20230714.1105版本存在安全漏洞，该漏洞源于HTTP POST Request Handler组件中文件/boafrm/formTmultiAP对参数submit-url的错误操作导致缓冲区溢出。

Description (English)

TOTOLINK X15 is a network wireless extension of the Chinese company TOTOLINK. There is a security loophole in version TOTOLINK X15 1.0.0-B20230714.1105, which originates from the error in the document/boafrm/formTmultiAP against parameter submit-url in the HTTTP POST Review Handler component.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

头歌

Published

2025-06-17

Last Modified

2026-02-24

References

https://www.totolink.net/ https://github.com/awindog/cve/blob/main/688/11.md https://vuldb.com/?submit.593603 https://github.com/awindog/cve/blob/main/688/11.md#poc https://vuldb.com/?ctiid.312640 https://vuldb.com/?id.312640 https://access.redhat.com/security/cve/cve-2025-6165 https://nvd.nist.gov/vuln/detail/CVE-2025-6165

Share on: