Vulnerability Description
A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message Handler. The manipulation of the argument url leads to denial of service. The exploit has been disclosed to the public and may be used.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Totolink | N300Rh Firmware | 6.1c.1390_b20191101 |
| Totolink | N300Rh | - |
Related Weaknesses (CWE)
References
- https://github.com/d2pq/cve/blob/main/616/21.mdExploitThird Party Advisory
- https://github.com/d2pq/cve/blob/main/616/21.md#pocExploitThird Party Advisory
- https://vuldb.com/?ctiid.313395Permissions RequiredThird Party AdvisoryVDB Entry
- https://vuldb.com/?id.313395Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.597688Third Party AdvisoryVDB Entry
- https://www.totolink.net/Product
- https://github.com/d2pq/cve/blob/main/616/21.mdExploitThird Party Advisory
FAQ
What is CVE-2025-6401?
CVE-2025-6401 is a vulnerability with a CVSS score of 3.5 (LOW). A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message ...
How severe is CVE-2025-6401?
CVE-2025-6401 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-6401?
Check the references section above for vendor advisories and patch information. Affected products include: Totolink N300Rh Firmware, Totolink N300Rh.