Skip to main content

X15 Firmware CVE-2025-5790

| EUVDEUVD-2025-17347 HIGH
Buffer Overflow (CWE-119)
2025-06-06 cna@vuldb.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 14, 2026 - 18:10 euvd
EUVD-2025-17347
Analysis Generated
Mar 14, 2026 - 18:10 vuln.today
CVE Published
Jun 06, 2025 - 18:15 nvd
HIGH 8.8

DescriptionCVE.org

A vulnerability classified as critical was found in TOTOLINK X15 1.0.0-B20230714.1105. This vulnerability affects unknown code of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

Critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the HTTP POST request handler for the /boafrm/formIpQoS endpoint. An authenticated remote attacker can exploit improper input validation on the 'mac' parameter to achieve buffer overflow, resulting in complete compromise of confidentiality, integrity, and availability (CIA triad). Public exploit disclosure and proof-of-concept availability significantly elevate real-world exploitation risk.

Technical ContextAI

The vulnerability exists in TOTOLINK X15, a wireless router device, specifically within the HTTP POST request handler that processes QoS (Quality of Service) configuration via the /boafrm/formIpQoS endpoint. The vulnerability is classified as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), a classic buffer overflow condition where insufficient bounds checking on the 'mac' parameter allows an attacker to write beyond allocated buffer boundaries. The affected component is part of the device's web-based administrative interface, likely implemented in C/C++ firmware code. The HTTP POST handler fails to validate or sanitize the 'mac' argument length before copying it into a fixed-size buffer, enabling stack or heap-based buffer overflow. CPE identification: cpe:2.3:o:totolink:x15_firmware:1.0.0-b20230714.1105:*:*:*:*:*:*:*

RemediationAI

Contact TOTOLINK support or check official firmware repository for patched firmware version addressing CVE-2025-5790. Apply firmware update that includes bounds checking and input validation for the 'mac' parameter in /boafrm/formIpQoS handler.; priority: CRITICAL; timeline: Apply immediately upon availability Workaround: Restrict network access to the HTTP administrative interface (:80/:443) using firewall rules. Limit access to trusted IP addresses/subnets only. Disable remote management if not required.; priority: HIGH; timeline: Implement immediately as interim measure Mitigation: Implement network segmentation to isolate IoT/router management interfaces. Use strong authentication credentials (change default admin password). Monitor for suspicious HTTP POST requests to /boafrm/formIpQoS with abnormally long 'mac' parameter values.; priority: HIGH; timeline: Implement as defense-in-depth Detection: Monitor device logs for POST requests to /boafrm/formIpQoS with 'mac' parameters exceeding typical MAC address length (17 bytes for XX:XX:XX:XX:XX:XX format). Deploy IDS/IPS signatures detecting buffer overflow patterns in HTTP requests.; priority: MEDIUM; timeline: Enable continuous monitoring

CVE-2025-5503 HIGH POC
8.8 Jun 03

A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.

CVE-2025-6165 HIGH POC
8.8 Jun 17

Critical buffer overflow vulnerability in TOTOLINK X15 firmware (version 1.0.0-B20230714.1105) affecting the HTTP POST r

CVE-2025-6150 HIGH POC
8.8 Jun 17

Critical remote buffer overflow vulnerability in TOTOLINK X15 router firmware (version 1.0.0-B20230714.1105) affecting t

CVE-2025-6146 HIGH POC
8.8 Jun 17

A buffer overflow vulnerability in A vulnerability (CVSS 8.8). Risk factors: public PoC available.

CVE-2025-6824 HIGH POC
8.8 Jun 28

A vulnerability classified as critical has been found in TOTOLINK X15 up to 1.0.0-B20230714.1105. Affected is an unknown

CVE-2025-6399 HIGH POC
8.8 Jun 21

CVE-2025-6399 is a critical buffer overflow vulnerability in TOTOLINK X15 router (firmware version 1.0.0-B20230714.1105)

CVE-2025-6402 HIGH POC
8.8 Jun 21

CVE-2025-6402 is a critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affectin

CVE-2025-5502 MEDIUM POC
6.3 Jun 03

A vulnerability, which was classified as critical, has been found in TOTOLINK X15 1.0.0-B20230714.1105. Affected by this

CVE-2025-5788 HIGH
8.8 Jun 06

Critical buffer overflow vulnerability in TOTOLINK X15 router firmware version 1.0.0-B20230714.1105, affecting the HTTP

CVE-2025-5787 HIGH
8.8 Jun 06

Critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the HTTP POST req

CVE-2025-5786 HIGH
8.8 Jun 06

Critical buffer overflow vulnerability in TOTOLINK X15 1.0.0-B20230714.1105 affecting the DMZ configuration HTTP POST ha

CVE-2025-5785 HIGH
8.8 Jun 06

Critical buffer overflow vulnerability in TOTOLINK X15 router firmware (version 1.0.0-B20230714.1105) affecting the HTTP

Share

CVE-2025-5790 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy