CVE Details
Basic Information
| Title | TOTOLINK N300RH HTTP POST Message formFilter denial of service |
|---|---|
| Type | cve |
| Published | 2025-06-21T06:31:08.227Z |
| Last Seen |
Product Information
| Vendor | TOTOLINK |
|---|---|
| Product | N300RH |
| Version | 6.1c.1390_B20191101 |
CVSS Information
| Base Score | 5.1 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A vulnerability in the TOTOLINK N300RH router’s HTTP POST Message Handler allows attackers to cause a denial of service by manipulating the ‘url’ argument in the formFilter component. This could disrupt the availability of the network. The issue is considered medium severity and has been publicly disclosed. |
|---|---|
| AI Severity | Medium |
| Vendor | TOTOLINK |
| Product | N300RH |
| Affected Version | 6.1c.1390_B20191101 |
Affected Products
- TOTOLINK N300RH 6.1c.1390_B20191101
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-404 |
| Bulletin Family |
References
Description
A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message Handler. The manipulation of the argument url leads to denial of service. The exploit has been disclosed to the public and may be used.