Aggregator

CVE-2025-6152 | Steel Browser up to 0.1.3 files.routes.ts handleFileUpload filename path traversal (Issue 129)

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability, which was classified as critical, was found in Steel Browser up to 0.1.3. This affects the function handleFileUpload of the file api/src/modules/files/files.routes.ts. The manipulation of the argument filename leads to path traversal. This vulnerability is uniquely identified as CVE-2025-6152. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2025-6151 | TP-Link TL-WR940N V4 WanSlaacCfgRpm.htm dnsserver1 buffer overflow

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in TP-Link TL-WR940N V4. Affected by this issue is some unknown functionality of the file /userRpm/WanSlaacCfgRpm.htm. The manipulation of the argument dnsserver1 leads to buffer overflow. This vulnerability is handled as CVE-2025-6151. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6150 | TOTOLINK X15 1.0.0-B20230714.1105 HTTP POST Request /boafrm/formMultiAP submit-url buffer overflow

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability classified as critical was found in TOTOLINK X15 1.0.0-B20230714.1105. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is known as CVE-2025-6150. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6149 | TOTOLINK A3002R 4.0.0-B20230531.1404 HTTP POST Request /boafrm/formSysLog submit-url buffer overflow

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability classified as critical has been found in TOTOLINK A3002R 4.0.0-B20230531.1404. Affected is an unknown function of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is traded as CVE-2025-6149. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6148 | TOTOLINK A3002RU 3.0.0-B20230809.1615 HTTP POST Request /boafrm/formSysLog submit-url buffer overflow

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. It has been rated as critical. This issue affects some unknown processing of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The identification of this vulnerability is CVE-2025-6148. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6147 | TOTOLINK A702R 4.0.0-B20230721.1521 HTTP POST Request /boafrm/formSysLog submit-url buffer overflow

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability was named CVE-2025-6147. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6146 | TOTOLINK X15 1.0.0-B20230714.1105 HTTP POST Request /boafrm/formSysLog submit-url buffer overflow

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. This affects an unknown part of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is uniquely identified as CVE-2025-6146. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6145 | TOTOLINK EX1200T 4.1.2cu.5232_B20210713 HTTP POST Request /boafrm/formSysLog submit-url buffer overflow

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is handled as CVE-2025-6145. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6144 | TOTOLINK EX1200T 4.1.2cu.5232_B20210713 HTTP POST Request /boafrm/formSysCmd submit-url buffer overflow

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formSysCmd of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is known as CVE-2025-6144. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6143 | TOTOLINK EX1200T 4.1.2cu.5232_B20210713 HTTP POST Request /boafrm/formNtp submit-url buffer overflow

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is traded as CVE-2025-6143. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad