Skip to main content
CVE-2025-6145 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (firmware version 4.1.2cu.5232_B20210713) affecting the /boafrm/formSysLog HTTP POST handler. An authenticated attacker can exploit improper input validation on the 'submit-url' parameter to achieve buffer overflow, leading to remote code execution with complete system compromise (confidentiality, integrity, and availability impact). Public exploit code is available, and the vulnerability affects a widely deployed consumer networking device.

Buffer Overflow TP-Link RCE Ex1200t Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6144 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (firmware version 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler at endpoint /boafrm/formSysCmd. An authenticated remote attacker can exploit this vulnerability by manipulating the 'submit-url' parameter to achieve buffer overflow, resulting in complete system compromise including confidentiality, integrity, and availability breaches. The vulnerability has been publicly disclosed with exploit code available, increasing real-world exploitation risk.

Buffer Overflow TP-Link RCE Ex1200t Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6138 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the HTTP POST request handler. An authenticated attacker can remotely exploit the setWizardCfg function via the ssid5g parameter to achieve buffer overflow, resulting in complete system compromise including confidentiality, integrity, and availability breaches. Public exploit code has been disclosed and the vulnerability meets criteria for active exploitation risk.

Buffer Overflow TP-Link T10 Firmware TOTOLINK
NVD VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6130 HIGH POC This Week

A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.

Buffer Overflow TP-Link RCE Ex1200t Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6129 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK EX1200T firmware version 4.1.2cu.5232_B20210713 affecting the HTTP POST request handler in the /boafrm/formSaveConfig endpoint. An authenticated remote attacker can exploit improper input validation on the 'submit-url' parameter to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code exists, increasing real-world exploitation risk.

Buffer Overflow TP-Link Ex1200t Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6128 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (version 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler for the /boafrm/formWirelessTbl endpoint. An authenticated attacker can exploit the submit-url parameter to achieve remote code execution with high confidentiality, integrity, and availability impact (CVSS 8.8). Public proof-of-concept code is available, and this vulnerability may be actively exploited in the wild.

Buffer Overflow TP-Link RCE Ex1200t Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-6143 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK EX1200T router firmware (version 4.1.2cu.5232_B20210713) affecting the NTP configuration handler. An authenticated attacker can remotely exploit this vulnerability via HTTP POST requests to the /boafrm/formNtp endpoint by manipulating the submit-url parameter, achieving remote code execution with complete system compromise (confidentiality, integrity, and availability). A public exploit has been disclosed and the vulnerability may be actively exploited in the wild.

Buffer Overflow TP-Link RCE Ex1200t Firmware TOTOLINK
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-6137 HIGH POC This Week

Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the setWiFiScheduleCfg function in the HTTP POST request handler. An authenticated remote attacker can exploit this vulnerability by manipulating the 'desc' parameter to achieve buffer overflow, resulting in complete compromise of confidentiality, integrity, and availability. A public exploit has been disclosed and the vulnerability is likely actively exploited given its critical CVSS score of 8.8 and low attack complexity.

Buffer Overflow TP-Link RCE T10 Firmware TOTOLINK
NVD VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-6110 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in Tenda FH1201 firmware version 1.2.0.14(408) affecting the /goform/SafeMacFilter endpoint. An authenticated remote attacker can exploit the 'page' parameter to achieve remote code execution with high confidentiality, integrity, and availability impact. Public exploit code exists and the vulnerability is actively exploitable.

Buffer Overflow Fh1201 Firmware Tenda
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-6115 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in D-Link DIR-619L version 2.06B01 affecting the form_macfilter function through improper handling of mac_hostname_%d and sched_name_%d parameters. An authenticated remote attacker can exploit this vulnerability to achieve complete system compromise including confidentiality, integrity, and availability impacts (CVSS 8.8). Public exploit code is available and the product is end-of-life, significantly elevating real-world risk.

Buffer Overflow D-Link RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6114 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01, affecting the port forwarding configuration function. An authenticated remote attacker can exploit this vulnerability by manipulating the ingress_name_%d, sched_name_%d, or name_%d parameters to achieve remote code execution with high integrity and confidentiality impact. The vulnerability has public exploit code available and affects only end-of-life products no longer receiving vendor support, significantly elevating real-world risk for exposed legacy deployments.

Buffer Overflow D-Link RCE Dir 619l Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6113 HIGH POC This Week

Critical remote buffer overflow vulnerability in Tenda FH1203 firmware version 2.0.1.6 affecting the /goform/AdvSetLanip endpoint. An authenticated attacker can exploit improper input validation of the lanMask parameter to achieve remote code execution with full system compromise (confidentiality, integrity, and availability). A public proof-of-concept exploit exists, indicating active disclosure and potential real-world exploitation risk.

Buffer Overflow Fh1203 Firmware Tenda
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6112 HIGH POC This Week

Critical buffer overflow vulnerability in Tenda FH1205 firmware version 2.0.0.7 affecting the lanMask parameter in the /goform/AdvSetLanip endpoint. An authenticated remote attacker can exploit this to achieve code execution with full system compromise (confidentiality, integrity, and availability impact). A public proof-of-concept exists, making this an active exploitation risk.

Buffer Overflow Fh1205 Firmware Tenda
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-6111 HIGH POC This Week

Critical stack-based buffer overflow vulnerability in Tenda FH1205 firmware version 2.0.0.7(775) affecting the /goform/VirtualSer endpoint's 'page' parameter. An authenticated remote attacker can exploit this to achieve complete system compromise including arbitrary code execution, data exfiltration, and service disruption. The vulnerability has public exploit disclosure and demonstrated proof-of-concept availability, elevating immediate risk despite requiring valid credentials.

Buffer Overflow Fh1205 Firmware Tenda
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-49795 HIGH POC PATCH CISA This Week

NULL pointer dereference in libxml2's XPath processing engine crashes applications parsing untrusted XML. Affects all major Linux distributions including Red Hat Enterprise Linux 10, Ubuntu (10 releases), Debian (8 releases), and SUSE. Remote unauthenticated attackers can trigger denial of service by sending crafted XPath expressions embedded in XML documents. Publicly available exploit code exists (GitHub gist). EPSS score is low (0.15%, 36th percentile) indicating limited widespread exploitation observed, and not currently listed in CISA KEV. Vendor patches available from Red Hat (2.12.5-7.el10_0), SUSE, and upstream libxml2 project.

Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-6104 HIGH This Week

Critical OS command injection vulnerability in Wifi-soft UniBox Controller affecting versions up to 20250506. An authenticated attacker can remotely execute arbitrary operating system commands via the 'ipaddress' parameter in /billing/pms_check.php, achieving complete system compromise. Public exploit code exists, the vendor has not responded to early disclosure, and this vulnerability meets criteria for immediate exploitation in real-world environments.

PHP Command Injection
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2025-6103 HIGH This Week

A critical OS command injection vulnerability exists in Wifi-soft UniBox Controller versions up to 20250506 within the /billing/test_accesscodelogin.php file's Password parameter, allowing authenticated remote attackers to execute arbitrary system commands with high impact on confidentiality, integrity, and availability. Public exploit code has been disclosed and the vendor has not responded to early disclosure notifications, indicating active exploitation risk and lack of official patches.

PHP Command Injection
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2025-6102 HIGH This Week

Critical OS command injection vulnerability in Wifi-soft UniBox Controller affecting versions up to 20250506, exploitable through the mac_address parameter in /authentication/logout.php. An authenticated attacker can remotely execute arbitrary OS commands with high impact on confidentiality, integrity, and availability. The vulnerability has been publicly disclosed with exploit code available, and the vendor has not responded to early disclosure attempts, significantly elevating real-world risk.

PHP Command Injection
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2025-40728 HIGH This Week

A SQL injection vulnerability in Customer Support System (CVSS 8.8) that allows an authenticated attacker. High severity vulnerability requiring prompt remediation.

PHP SQLi Information Disclosure Customer Support System
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-4987 HIGH This Week

A cross-site scripting vulnerability (CVSS 8.7) that allows an attacker. High severity vulnerability requiring prompt remediation.

XSS
NVD
CVSS 3.1
8.7
EPSS
0.1%
CVE-2025-5689 HIGH PATCH This Week

Privilege escalation flaw in authd's temporary user record handling during pre-authentication NSS operations that causes first-time SSH login users to be incorrectly assigned root group membership within their session context. This allows authenticated users (PR:L) to gain elevated group privileges over the network (AV:N) with low complexity, affecting system confidentiality (C:H) and integrity (I:L). The vulnerability has a high CVSS score of 8.5, though real-world exploitation requires valid login credentials and depends on authentication infrastructure specifics.

Privilege Escalation Linux SSH Authentication Bypass Authd +1
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2025-49124 HIGH PATCH This Week

A security vulnerability in Apache Tomcat installer for Windows (CVSS 8.4). High severity vulnerability requiring prompt remediation.

Microsoft Apache Tomcat Windows Privilege Escalation +1
NVD HeroDevs GitHub
CVSS 3.1
8.4
EPSS
0.1%
CVE-2025-3464 HIGH This Week

Race condition vulnerability in ASUS Armoury Crate that exploits a Time-of-check Time-of-use (TOCTOU) flaw to bypass authentication mechanisms. An authenticated local attacker can exploit this vulnerability to escalate privileges and potentially achieve integrity and availability impacts on the affected system. While the CVSS score of 8.4 is elevated, real-world exploitation requires local access and existing user privileges, limiting widespread impact.

Authentication Bypass
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-36632 HIGH PATCH This Week

Privilege escalation vulnerability in Tenable Agent for Windows (versions prior to 10.8.5) that allows a non-administrative local user to execute arbitrary code with SYSTEM-level privileges. This is a local privilege escalation (LPE) vulnerability with high severity (CVSS 7.8) requiring only local access and low complexity exploitation. The vulnerability represents a critical risk in multi-user Windows environments where standard users could gain complete system control.

Microsoft Information Disclosure Nessus Agent Windows
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-48976 HIGH PATCH This Week

Apache Commons FileUpload contains a Denial of Service vulnerability in multipart header processing due to insufficient resource allocation limits (CWE-770). Affected versions are 1.0 through 1.5.x and 2.0.0-M1 through 2.0.0-M3. An unauthenticated remote attacker can exploit this with a network request to cause resource exhaustion and service unavailability without requiring user interaction or elevated privileges. CVSS 7.5 (High) reflects the high availability impact; KEV and EPSS data availability would determine exploitation likelihood in the wild.

Apache Denial Of Service Java Commons Fileupload Red Hat +1
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-48988 HIGH PATCH This Week

A remote code execution vulnerability in Apache Tomcat (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Apache Tomcat Denial Of Service Java Red Hat +1
NVD HeroDevs GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-3602 HIGH PATCH This Week

Liferay Portal and DXP versions fail to implement depth limiting on GraphQL queries, enabling unauthenticated remote attackers to execute deeply nested queries that consume excessive server resources and cause denial-of-service. This affects Liferay Portal 7.4.0-7.4.3.97 and multiple DXP versions (2023.Q3.1-2023.Q3.2, 7.4 GA-Update 92, 7.3 GA-Update 35, 7.2 FP 8-20). With a CVSS 7.5 score, high network exploitability, and no authentication required, this represents a significant availability risk to exposed Liferay installations.

Information Disclosure Digital Experience Platform Liferay Portal
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-49125 HIGH PATCH This Week

CVE-2025-49125 is an authentication bypass vulnerability in Apache Tomcat affecting versions 8.5.0-8.5.100, 9.0.0-9.0.105, 10.1.0-10.1.41, and 11.0.0-11.0.7. The vulnerability allows unauthenticated remote attackers to access PreResources or PostResources mounted outside the web application root via alternate path traversal, bypassing security constraints configured for the intended resource path. With a CVSS score of 7.5 and high confidentiality impact, this represents a critical authentication mechanism failure that requires immediate patching.

Apache Tomcat Authentication Bypass Java Red Hat +1
NVD HeroDevs GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-3526 HIGH PATCH This Week

A security vulnerability in Liferay Portal 7.0.0 (CVSS 7.5) that allows remote attackers. High severity vulnerability requiring prompt remediation.

Information Disclosure Digital Experience Platform Liferay Portal
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-6177 HIGH This Week

Local privilege escalation vulnerability in Google ChromeOS MiniOS that allows unauthenticated attackers to achieve root code execution by exploiting an accessible debug shell (VT3 console) through specific key combinations during developer mode entry, circumventing device policy restrictions and Firmware Write Protect mechanisms. This vulnerability affects ChromeOS version 16063.45.2 and potentially other versions on enrolled devices, with a CVSS score of 7.4 indicating high severity. The attack requires local access and specific technical knowledge of key sequences, but no user interaction is needed once device access is obtained.

RCE Privilege Escalation Google Chrome Os Chrome
NVD
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-32797 HIGH PATCH This Week

A security vulnerability in Conda-build (CVSS 7.0). High severity vulnerability requiring prompt remediation. Vendor patch is available.

RCE Conda Build
NVD GitHub
CVSS 3.1
7.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy