CVE-2025-8242

Name of the Vulnerable Software and Affected Versions TOTOLINK X15 version 1.0.0-B20230714.1105

Description A critical vulnerability exists in the HTTP POST Request Handler component of TOTOLINK X15. The vulnerability is located in the unknown code of the /boafrm/formFilter file and results in a buffer overflow. The manipulation of the ip6addr, url, vpnPassword, or vpnUser arguments can trigger this issue. The attack can be initiated remotely, and a public exploit is available.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.