Skip to main content

X15 Firmware CVE-2025-6146

| EUVDEUVD-2025-18427 HIGH
Buffer Overflow (CWE-119)
2025-06-17 cna@vuldb.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
EUVD ID Assigned
Mar 14, 2026 - 22:15 euvd
EUVD-2025-18427
Analysis Generated
Mar 14, 2026 - 22:15 vuln.today
PoC Detected
Jun 23, 2025 - 19:29 vuln.today
Public exploit code
CVE Published
Jun 17, 2025 - 00:15 nvd
HIGH 8.8

DescriptionCVE.org

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. This affects an unknown part of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

A buffer overflow vulnerability in A vulnerability (CVSS 8.8). Risk factors: public PoC available.

Technical ContextAI

CWE-119 (Buffer Overflow). CVSS 8.8 indicates high severity. Affects A vulnerability.

RemediationAI

Monitor vendor channels for patch availability. Consider network segmentation to limit exposure if patching is delayed.

CVE-2025-5503 HIGH POC
8.8 Jun 03

A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.

CVE-2025-6165 HIGH POC
8.8 Jun 17

Critical buffer overflow vulnerability in TOTOLINK X15 firmware (version 1.0.0-B20230714.1105) affecting the HTTP POST r

CVE-2025-6150 HIGH POC
8.8 Jun 17

Critical remote buffer overflow vulnerability in TOTOLINK X15 router firmware (version 1.0.0-B20230714.1105) affecting t

CVE-2025-6824 HIGH POC
8.8 Jun 28

A vulnerability classified as critical has been found in TOTOLINK X15 up to 1.0.0-B20230714.1105. Affected is an unknown

CVE-2025-6399 HIGH POC
8.8 Jun 21

CVE-2025-6399 is a critical buffer overflow vulnerability in TOTOLINK X15 router (firmware version 1.0.0-B20230714.1105)

CVE-2025-6402 HIGH POC
8.8 Jun 21

CVE-2025-6402 is a critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affectin

CVE-2025-5502 MEDIUM POC
6.3 Jun 03

A vulnerability, which was classified as critical, has been found in TOTOLINK X15 1.0.0-B20230714.1105. Affected by this

CVE-2025-5790 HIGH
8.8 Jun 06

Critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the HTTP POST req

CVE-2025-5788 HIGH
8.8 Jun 06

Critical buffer overflow vulnerability in TOTOLINK X15 router firmware version 1.0.0-B20230714.1105, affecting the HTTP

CVE-2025-5787 HIGH
8.8 Jun 06

Critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the HTTP POST req

CVE-2025-5786 HIGH
8.8 Jun 06

Critical buffer overflow vulnerability in TOTOLINK X15 1.0.0-B20230714.1105 affecting the DMZ configuration HTTP POST ha

CVE-2025-5785 HIGH
8.8 Jun 06

Critical buffer overflow vulnerability in TOTOLINK X15 router firmware (version 1.0.0-B20230714.1105) affecting the HTTP

Share

CVE-2025-6146 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy