CVE-2025-8245

Name of the Vulnerable Software and Affected Versions TOTOLINK X15 version 1.0.0-B20230714.1105

Description A critical vulnerability exists in the TOTOLINK X15 router's built-in boa server. The issue is a buffer overflow within the memory during the processing of the submit-url parameter. This vulnerability affects an unknown functionality of the /boafrm/formMultiAPVLAN file within the HTTP POST Request Handler component. Exploitation of this issue allows a remote attacker to cause a denial of service by sending a specially crafted POST request. The exploit has been publicly disclosed and may be actively used.

Recommendations TOTOLINK X15 version 1.0.0-B20230714.1105: At the moment, there is no information about a newer version that contains a fix for this vulnerability.