CVE-2025-8243

Name of the Vulnerable Software and Affected Versions TOTOLINK X15 version 1.0.0-B20230714.1105

Description A critical vulnerability exists in the TOTOLINK X15 router's built-in boa server. The issue is a buffer overflow within the memory during the processing of the devicemac1 parameter via an HTTP POST request to the /boafrm/formMapDel endpoint. Exploitation of this vulnerability could allow a remote attacker to cause a denial of service. The exploit has been publicly disclosed.

Recommendations TOTOLINK X15 version 1.0.0-B20230714.1105: At the moment, there is no information about a newer version that contains a fix for this vulnerability.