Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
AnalysisAI
Critical buffer overflow vulnerability in TOTOLINK X15 router firmware version 1.0.0-B20230714.1105, affecting the HTTP POST request handler at endpoint /boafrm/formReflashClientTbl. An authenticated remote attacker can exploit improper argument validation in the 'submit-url' parameter to achieve complete system compromise including confidentiality, integrity, and availability breaches. Public exploit code exists and the vulnerability meets CISA KEV criteria for active exploitation risk.
Technical ContextAI
The vulnerability resides in the HTTP POST request handler component of TOTOLINK's web-based device management interface, specifically in the /boafrm/formReflashClientTbl endpoint. The root cause is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), indicating a classic stack or heap-based buffer overflow condition. The vulnerable code fails to properly validate or sanitize the 'submit-url' parameter length before copying it into a fixed-size buffer, allowing an attacker to write beyond buffer boundaries. This affects the firmware of TOTOLINK X15 router models running build B20230714.1105 and potentially earlier versions. The affected CPE is CPE:2.3:o:totolink:x15_firmware:1.0.0-b20230714.1105:*:*:*:*:*:*:*. The vulnerability exists in firmware-level code responsible for client table reflashing operations, which may interact with critical system processes.
RemediationAI
Patch/Upgrade: Contact TOTOLINK support or check the official TOTOLINK support portal for firmware updates released after 2023-07-14. Update the X15 router firmware to the latest available version that addresses CVE-2025-5788.; priority: CRITICAL Network Segmentation: Restrict HTTP POST access to the /boafrm/formReflashClientTbl endpoint using firewall rules or access control lists. Only allow administrative access from trusted IP ranges.; priority: HIGH Credential Hardening: Change default router credentials immediately and enforce strong, unique passwords for all administrative accounts to reduce the likelihood of authentication bypass.; priority: HIGH Access Monitoring: Monitor router logs for suspicious POST requests to /boafrm/formReflashClientTbl with unusual submit-url parameter lengths or values.; priority: MEDIUM Disable Remote Management: Disable remote HTTP/HTTPS management access if not required; configure access only from local network.; priority: MEDIUM
More in X15 Firmware
View allA buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.
Critical buffer overflow vulnerability in TOTOLINK X15 firmware (version 1.0.0-B20230714.1105) affecting the HTTP POST r
Critical remote buffer overflow vulnerability in TOTOLINK X15 router firmware (version 1.0.0-B20230714.1105) affecting t
A buffer overflow vulnerability in A vulnerability (CVSS 8.8). Risk factors: public PoC available.
A vulnerability classified as critical has been found in TOTOLINK X15 up to 1.0.0-B20230714.1105. Affected is an unknown
CVE-2025-6399 is a critical buffer overflow vulnerability in TOTOLINK X15 router (firmware version 1.0.0-B20230714.1105)
CVE-2025-6402 is a critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affectin
A vulnerability, which was classified as critical, has been found in TOTOLINK X15 1.0.0-B20230714.1105. Affected by this
Critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the HTTP POST req
Critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the HTTP POST req
Critical buffer overflow vulnerability in TOTOLINK X15 1.0.0-B20230714.1105 affecting the DMZ configuration HTTP POST ha
Critical buffer overflow vulnerability in TOTOLINK X15 router firmware (version 1.0.0-B20230714.1105) affecting the HTTP
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-17328