CVE-2025-4852 | TOTOLINK A3002R 2.1.1-B20230720.1011 VPN Page Comment cross site scripting

Inserito da Angelo Barbosa | Mag 16, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in TOTOLINK A3002R 2.1.1-B20230720.1011. This issue affects some unknown processing of the component VPN Page. The manipulation of the argument Comment leads to cross site scripting.

The identification of this vulnerability is CVE-2025-4852. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4852 | TOTOLINK A3002R 2.1.1-B20230720.1011 VPN Page Comment cross site scripting

Post correlati

CVE-2025-20621 | Mattermost up to 2.23.0/9.11.5/10.0.3/10.1.3/10.2.0 improper validation of specified type of input

CVE-2024-1186 | Munsoft Easy Archive Recovery 2.0 Registration Key denial of service

CVE-2024-40535 | Shenzhen Libituo Technology LBT-T300-T400 3.2 config_3g_para apn_name_3g stack-based overflow

CVE-2024-30923 | jeffpiazza DerbyNet 9.0 Racer Document Rendering print/render/racer.inc sql injection