X5000R
Monthly
Buffer overflow in Totolink X5000R 9.1.0u.6369_B20230113 router firmware allows authenticated remote attackers to execute arbitrary code or cause denial of service via crafted submit-url parameter to /boafrm/formDdns endpoint. Public exploit code exists (GitHub). CVSS 7.4 indicates high severity but requires authenticated access (PR:L), limiting immediate risk to environments where router credentials are compromised. EPSS data not available; prioritize if router exposed to internet or untrusted networks.
Buffer overflow in Totolink X5000R 9.1.0u.6369_B20230113 router firmware allows authenticated remote attackers to execute arbitrary code or cause denial of service via crafted submit-url parameter to /boafrm/formDdns endpoint. Public exploit code exists (GitHub). CVSS 7.4 indicates high severity but requires authenticated access (PR:L), limiting immediate risk to environments where router credentials are compromised. EPSS data not available; prioritize if router exposed to internet or untrusted networks.