CVE-2025-5504 | TOTOLINK X2000R 1.0.0-B20230726.1108 /boafrm/formWsc peerRptPin command injection

Inserito da Angelo Barbosa | Giu 3, 2025 | CVE

A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument peerRptPin leads to command injection.

This vulnerability was named CVE-2025-5504. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-5504 | TOTOLINK X2000R 1.0.0-B20230726.1108 /boafrm/formWsc peerRptPin command injection

Post correlati

CVE-2024-2844 | Easy Appointments Plugin up to 3.11.18 on WordPress improper authorization

CVE-2024-0240 | Silicon Labs Gecko SDK prior 4.3.0 Notifications resource consumption

CVE-2024-21407 | Microsoft unknown vulnerability

CVE-2024-33541 | BetterAddons Better Elementor Addons Plugin up to 1.4.1 on WordPress path traversal