CVE-2025-6401

low

Description

A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message Handler. The manipulation of the argument url leads to denial of service. The exploit has been disclosed to the public and may be used.

References

https://www.totolink.net/

https://vuldb.com/?submit.597688

https://vuldb.com/?id.313395

https://vuldb.com/?ctiid.313395

https://github.com/d2pq/cve/blob/main/616/21.md#poc

https://github.com/d2pq/cve/blob/main/616/21.md

Details

Source: Mitre, NVD

Published: 2025-06-21

Updated: 2025-06-21

Risk Information

CVSS v2

Base Score: 2.3

Vector: CVSS2#AV:A/AC:M/Au:S/C:N/I:N/A:P

Severity: Low

CVSS v3

Base Score: 3.5

Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Severity: Low

CVSS v4

Base Score: 2

Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Severity: Low

EPSS

EPSS: 0.00041