CVE-2025-8170
published 2025-07-25CVE-2025-8170: A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748_B20211015. This vulnerability affects the function tcpcheck_net of the file…
PriorityP265high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.03%
59.6th percentile
A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748_B20211015. This vulnerability affects the function tcpcheck_net of the file /router/meshSlaveDlfw of the component MQTT Packet Handler. The manipulation of the argument serverIp leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| totolink | t6 | — | — |
| totolink | t6_firmware | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv4.07.4HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-h7jx-x34c-vc7c: A vulnerability classified as critical was found in TOTOLINK T6 4
ghsa_unreviewed·2025-07-25
CVE-2025-8170 [HIGH] CWE-119 GHSA-h7jx-x34c-vc7c: A vulnerability classified as critical was found in TOTOLINK T6 4
A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748_B20211015. This vulnerability affects the function tcpcheck_net of the file /router/meshSlaveDlfw of the component MQTT Packet Handler. The manipulation of the argument serverIp leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
GHSA
GeoServer Missing Authorization on REST API Index
ghsa·2025-06-10
CVE-2025-27505 [MEDIUM] CWE-862 GeoServer Missing Authorization on REST API Index
GeoServer Missing Authorization on REST API Index
### Summary
It is possible to bypass the default REST API security and access the index page.
### Details
The REST API security handles `rest` and its subpaths but not `rest` with an extension (e.g., `rest.html`).
### Impact
The REST API index can disclose whether certain extensions are installed.
### Workaround
In `${GEOSERVER_DATA_DIR}/security/config.xml`, change the paths for the `rest` filter to `/rest.*,/rest/**` and change the paths for the `gwc` filter to `/gwc/rest.*,/gwc/rest/**` and restart GeoServer.
### References
https://osgeo-org.atlassian.net/browse/GEOS-11664
https://osgeo-org.atlassian.net/browse/GEOS-11776
https://github.com/geoserver/geoserver/pull/8170
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-07-25
Published