CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Analysis
Critical buffer overflow vulnerability in TOTOLINK X15 wireless router (firmware version 1.0.0-B20230714.1105) affecting the HTTP POST request handler for the /boafrm/formSetLg endpoint. An authenticated attacker can exploit the 'submit-url' parameter to trigger a buffer overflow, achieving remote code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code has been disclosed, making this an actively exploitable vulnerability with demonstrated proof-of-concept.
Technical Context
The vulnerability resides in the HTTP POST request handler component of the TOTOLINK X15 router's web management interface. The /boafrm/formSetLg endpoint processes the 'submit-url' parameter without proper input validation or bounds checking, leading to a classic stack-based or heap-based buffer overflow (CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer). The affected code is the embedded web server on the network device, where the router firmware handles user-supplied input during form submission. The CPE identifier cpe:2.3:o:totolink:x15_firmware:1.0.0-b20230714.1105:*:*:*:*:*:*:* indicates that this is a firmware-level code execution vulnerability in a consumer-grade Wi-Fi router, in code likely written in C/C++ without memory-safe bounds handling.
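A detection check for the request pattern described above, as an added example that is not part of the original advisory: it flags POST requests to /boafrm/formSetLg whose submit-url value is overlong or contains non-printable bytes. The 128-byte threshold, the function names and the sample requests are assumptions constructed for illustration; the advisory does not state the buffer size.

```python
from urllib.parse import parse_qsl

ENDPOINT = "/boafrm/formSetLg"  # endpoint named in the advisory
PARAM = "submit-url"            # parameter named in the advisory
MAX_LEN = 128                   # assumption: the advisory gives no buffer size


def parse_request(raw: bytes):
    """Split a raw HTTP/1.x request into (method, path, body), or None."""
    head, _, body = raw.partition(b"\r\n\r\n")
    parts = head.split(b"\r\n", 1)[0].decode("latin-1").split(" ")
    if len(parts) < 2:
        return None
    # Drop any query string so only the path is compared.
    return parts[0].upper(), parts[1].split("?", 1)[0], body


def inspect(raw: bytes, max_len: int = MAX_LEN):
    """Return findings for one request; an empty list means nothing flagged."""
    parsed = parse_request(raw)
    if parsed is None:
        return []
    method, path, body = parsed
    if method != "POST" or path != ENDPOINT:
        return []
    findings = []
    # latin-1 keeps a 1:1 byte-to-character mapping, so len() counts bytes
    # after percent-decoding and raw byte values stay visible.
    fields = parse_qsl(body.decode("latin-1"), keep_blank_values=True,
                       encoding="latin-1")
    for name, value in fields:
        if name != PARAM:
            continue
        if len(value) > max_len:
            findings.append(f"{PARAM} length {len(value)} exceeds {max_len}")
        if any(ord(c) < 0x20 or ord(c) > 0x7E for c in value):
            findings.append(f"{PARAM} contains non-printable bytes")
    return findings


# Constructed sample requests (not captured traffic; field values are made up).
HDR = b"POST /boafrm/formSetLg HTTP/1.1\r\nHost: 192.0.2.1\r\n\r\n"
SAMPLES = {
    "normal": HDR + b"submit-url=%2Findex.htm",
    "overlong": HDR + b"submit-url=" + b"A" * 600,
    "binary": HDR + b"submit-url=%90%90",
    "other_path": b"POST /some/other/path HTTP/1.1\r\n\r\nsubmit-url=" + b"A" * 600,
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, inspect(raw))
```

Tune MAX_LEN to the longest submit-url value seen in legitimate use of the device before relying on the length finding.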
Affected Products
TOTOLINK X15 (1.0.0-B20230714.1105)
Remediation
Upgrade to patched firmware version (not specified in available data; contact TOTOLINK support for latest stable release post-B20230714.1105); priority: IMMEDIATE; note: Firmware patches for consumer routers typically available through device web interface (Administration > Firmware Upgrade) or vendor website.

Workaround (Temporary - NOT a substitute for patching): Restrict HTTP/HTTPS access to the router's web management interface:
(1) Disable remote management (Administration > System Settings > Enable Remote Management = OFF);
(2) Restrict local access to trusted IP addresses via firewall rules if available;
(3) Change default admin credentials to strong password;
(4) Isolate router management to private network segment.
Priority: HIGH; note: These do not eliminate vulnerability but reduce attack surface.

Network Mitigation: Implement network-level controls:
(1) Ensure router is behind upstream firewall;
(2) Block external access to router management ports (HTTP/HTTPS typically 80/443 or 8080);
(3) Monitor outbound connections from router for C2 communication.
Priority: MEDIUM.

Vendor Contact: Check TOTOLINK support portal and security advisories for patch release timeline; no vendor advisory URL provided in CVE data, so direct contact is recommended; priority: HIGH.
EUVD-2025-17095