PT-2025-18029 · Totolink · Totolink N150Rt
Lcyf-Fizz
·
Published
2025-04-06
·
Updated
2025-05-03
·
CVE-2025-3992
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
TOTOLINK N150RT version 3.4.0-B20190525
Description
A critical vulnerability has been found in the TOTOLINK N150RT, affecting the file /boafrm/formWlwds. The manipulation of the
submit-url argument leads to a buffer overflow. This issue can be exploited remotely.Recommendations
For TOTOLINK N150RT version 3.4.0-B20190525, consider disabling access to the /boafrm/formWlwds file or restricting the manipulation of the
submit-url argument until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Totolink N150Rt