CVE-2025-8937 | TOTOLINK N350R 1.2.3-B20130826 /boafrm/formSysCmd command injection

Inserito da Angelo Barbosa | Ago 13, 2025 | CVE

A vulnerability has been found in TOTOLINK N350R 1.2.3-B20130826 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formSysCmd. The manipulation leads to command injection.

This vulnerability was named CVE-2025-8937. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-8937 | TOTOLINK N350R 1.2.3-B20130826 /boafrm/formSysCmd command injection

Post correlati

CVE-2024-10669 | Countdown Timer Block Plugin up to 1.2.4 on WordPress Post information disclosure

CVE-2024-11511 | IrfanView XCF File Parser heap-based overflow (ZDI-24-1556)

CVE-2024-43134 | xootix Waitlist Woocommerce Plugin up to 2.6 on WordPress authorization

CVE-2024-40988 | Linux Kernel up to 6.9.6 kv_dpm.c memory corruption