What is the CVSS score of CVE-2025-5739?

CVE-2025-5739 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.7%.

Which versions of X15 Firmware are affected by CVE-2025-5739?

TOTOLINK X15 devices running version 1.0.0-B20230714.1105 are vulnerable to remote code execution through a buffer overflow in the configuration handler.

How to fix or mitigate CVE-2025-5739?

Within 24 hours: Identify all TOTOLIK X15 1.0.0-B20230714.1105 devices on your network and isolate them from untrusted networks; restrict administrative access to the /boafrm/formSaveConfig endpoint. Within 7 days: Implement network segmentation to limit direct internet access to affected devices; deploy WAF rules to block POST requests with suspicious submit-url parameters; evaluate replacement or upgrade options with your vendor. Within 30 days: Execute planned replacement or upgrading of affected devices to non-vulnerable versions; confirm all instances have been remediated and conduct security assessment.

X15 Firmware CVE-2025-5739

EUVD-2025-17104 HIGH

Buffer Overflow (CWE-119)

2025-06-06 cna@vuldb.com

Buffer Overflow TP-Link RCE X15 Firmware TOTOLINK

8.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.8 HIGH

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 14, 2026 - 18:10 euvd

EUVD-2025-17104

Analysis Generated

Mar 14, 2026 - 18:10 vuln.today

CVE Published

Jun 06, 2025 - 09:15 nvd

HIGH 8.8

DescriptionCVE.org

A vulnerability classified as critical has been found in TOTOLINK X15 1.0.0-B20230714.1105. This affects an unknown part of the file /boafrm/formSaveConfig of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

A critical buffer overflow vulnerability exists in TOTOLINK X15 firmware version 1.0.0-B20230714.1105, affecting the HTTP POST request handler in the /boafrm/formSaveConfig endpoint. An authenticated attacker can exploit the unsanitized 'submit-url' parameter to trigger a buffer overflow, potentially achieving remote code execution with full system compromise (confidentiality, integrity, and availability impact). The vulnerability has been publicly disclosed with exploit proof-of-concept available, creating immediate real-world risk.

Technical ContextAI

This vulnerability resides in the HTTP POST request handling mechanism of TOTOLINK X15 router firmware, specifically within the /boafrm/formSaveConfig component. The root cause is classified as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), a classic buffer overflow weakness. The 'submit-url' parameter lacks proper input validation and buffer boundary checks, allowing an attacker to write beyond allocated memory regions. The affected component processes user-supplied configuration data without adequate length validation, enabling stack or heap corruption depending on the memory layout. The vulnerability affects TOTOLINK X15 devices running firmware build B20230714.1105, which likely represents a residential Wi-Fi router or mesh system commonly deployed in home and small business networks.

CVE-2025-5739 vulnerability details – vuln.today

Back

X15 Firmware CVE-2025-5739

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

Share

External POC / Exploit Code