CVE-2025-5504 | TOTOLINK X2000R 1.0.0-B20230726.1108 /boafrm/formWsc peerRptPin command injection

Inserito da Angelo Barbosa | Giu 3, 2025 | CVE

A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument peerRptPin leads to command injection.

This vulnerability was named CVE-2025-5504. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-5504 | TOTOLINK X2000R 1.0.0-B20230726.1108 /boafrm/formWsc peerRptPin command injection

Post correlati

CVE-2023-48748 | Salient Core Plugin up to 2.0.2 on WordPress cross site scripting

CVE-2023-49272 | Kashipara Group Hotel Management 1.0 reservation.php children cross site scripting

CVE-2024-1156 | NI SystemLink Server/FlexLogger RabbitMQ Service default permission

CVE-2023-31360 | AMD AIM-T Integrated Management Technology software prior 4.0.0.722 Manageability Service default permission