{"id":7114,"date":"2025-06-21T02:09:50","date_gmt":"2025-06-21T02:09:50","guid":{"rendered":"http:\/\/localhost\/?p=7114"},"modified":"2025-06-21T02:09:50","modified_gmt":"2025-06-21T02:09:50","slug":"totolink-n300rh-http-post-message-formfilter-denial-of-service","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7114","title":{"rendered":"TOTOLINK N300RH HTTP POST Message formFilter denial of service"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nTOTOLINK N300RH HTTP POST Message formFilter denial of service<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-21T06:31:08.227Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nTOTOLINK<\/td>\n<\/tr>\n
Product<\/th>\nN300RH<\/td>\n<\/tr>\n
Version<\/th>\n6.1c.1390_B20191101<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n5.1 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:A\/AC:L\/AT:N\/PR:L\/UI:N\/VC:N\/VI:N\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA vulnerability in the TOTOLINK N300RH router’s HTTP POST Message Handler allows attackers to cause a denial of service by manipulating the ‘url’ argument in the formFilter component. This could disrupt the availability of the network. The issue is considered medium severity and has been publicly disclosed.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
Vendor<\/th>\nTOTOLINK<\/td>\n<\/tr>\n
Product<\/th>\nN300RH<\/td>\n<\/tr>\n
Affected Version<\/th>\n6.1c.1390_B20191101<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n