A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this issue is the function recvSlaveStaInfo of the component MQTT Service. The manipulation of the argument dest leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-7837 is a critical buffer overflow vulnerability identified in the TOTOLINK T6 router, specifically affecting version 4.1.5cu.748_B20211015. The flaw resides in the MQTT Service component, within the function recvSlaveStaInfo. This function improperly handles the argument 'dest', allowing an attacker to manipulate it in a way that causes a buffer overflow. Buffer overflow vulnerabilities can lead to arbitrary code execution, denial of service, or system crashes. The vulnerability is remotely exploitable without requiring user interaction or prior authentication, increasing the risk of widespread exploitation. The CVSS 4.0 base score is 8.7, indicating a high severity level. The vector details show that the attack can be launched over the network (AV:N) with low attack complexity (AC:L), no privileges required (PR:L), and no user interaction (UI:N). The impact on confidentiality, integrity, and availability is high (VC:H, VI:H, VA:H), meaning successful exploitation could fully compromise the device. Although no public exploit is currently known to be in the wild, the exploit code has been disclosed publicly, raising the urgency for mitigation. The TOTOLINK T6 router is commonly used in small to medium-sized enterprise and home environments, often serving as a network gateway device. The MQTT service is typically used for IoT or device communication, suggesting that this vulnerability could be leveraged to pivot into connected devices or disrupt network operations.

CVE Database V5

Detailed information about CVE-2025-7837: Buffer Overflow in TOTOLINK T6 affecting TOTOLINK T6. Get real-time updates, technical details, and mitigation strateg

CVE-2025-7837: Buffer Overflow in TOTOLINK T6 - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7837: Buffer Overflow in TOTOLINK T6

A vulnerability has been found in D-Link DIR-816L up to 2.06B01 and classified as critical. Affected by this vulnerability is the function lxmldbc_system of the file /htdocs/cgibin of the component Environment Variable Handler. The manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2025-7836 is a command injection vulnerability identified in the D-Link DIR-816L router, specifically affecting firmware version 2.06B01 and earlier. The vulnerability resides in the lxmldbc_system function within the /htdocs/cgibin directory, part of the Environment Variable Handler component. This flaw allows an attacker to remotely execute arbitrary commands on the device without requiring user interaction or authentication. The vulnerability is exploitable over the network, meaning an attacker can send specially crafted requests to the vulnerable router to inject and execute system commands. Although the CVSS 4.0 base score is 5.3 (medium severity), the potential for remote command execution elevates the risk profile, especially since the device is no longer supported by the vendor, implying no official patches or firmware updates are available. The exploit details have been publicly disclosed, increasing the likelihood of exploitation attempts. The vulnerability impacts the confidentiality, integrity, and availability of the affected device, as attackers could manipulate device configurations, intercept or redirect traffic, or disrupt network connectivity. However, the CVSS vector indicates that the attack requires low privileges (PR:L), no user interaction (UI:N), and has low impact on confidentiality, integrity, and availability individually, but collectively the impact is notable. The lack of vendor support means mitigation relies on network-level controls or device replacement.

Detailed information about CVE-2025-7836: Command Injection in D-Link DIR-816L affecting D-Link DIR-816L. Get real-time updates, technical details, and mitigati

CVE-2025-7836: Command Injection in D-Link DIR-816L - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7836: Command Injection in D-Link DIR-816L

eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.

CVE-2025-54313 is a high-severity supply chain vulnerability affecting multiple versions of the npm package eslint-config-prettier, specifically versions 8.10.1, 9.1.1, 10.1.6, and 10.1.7. This package is widely used in JavaScript and TypeScript development environments to disable ESLint rules that conflict with Prettier formatting. The vulnerability involves embedded malicious code introduced during the package installation process. When an affected version is installed, it executes an install.js script that launches a malicious payload named node-gyp.dll on Windows systems. This DLL is malware that could compromise the host system. The vulnerability is classified under CWE-506, which pertains to embedded malicious code, indicating that the malicious payload is hidden within legitimate software components, making detection and prevention challenging. The CVSS v3.1 score of 7.5 reflects a high severity, with network attack vector (AV:N), high attack complexity (AC:H), no privileges required (PR:N), no user interaction (UI:N), and a scope change (S:C). The impact on confidentiality is low, but integrity is high, and availability is not affected. Although no known exploits are reported in the wild yet, the potential for supply chain compromise is significant because developers and organizations frequently rely on this package in their build and CI/CD pipelines. The malicious code execution during installation means that any system running Windows and installing these versions is at risk of infection, potentially leading to unauthorized code execution, data integrity compromise, and further malware propagation within development environments.

Detailed information about CVE-2025-54313: CWE-506 Embedded Malicious Code in prettier eslint-config-prettier affecting prettier eslint-config-prettier. Get rea

CVE-2025-54313: CWE-506 Embedded Malicious Code in prettier eslint-config-prettier - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-54313: CWE-506 Embedded Malicious Code in prettier eslint-config-prettier

A vulnerability, which was classified as problematic, was found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-7834 is a Cross-Site Request Forgery (CSRF) vulnerability identified in version 2.0 of the PHPGurukul Complaint Management System. CSRF vulnerabilities occur when an attacker tricks an authenticated user into submitting a forged HTTP request to a vulnerable web application, causing the application to perform unintended actions on behalf of the user. In this case, the vulnerability affects an unspecified function within the Complaint Management System, allowing remote attackers to exploit the flaw without requiring any privileges or authentication. The CVSS 4.0 base score of 5.3 (medium severity) reflects that the attack vector is network-based (AV:N), with low attack complexity (AC:L), no privileges required (PR:N), but user interaction is necessary (UI:P). The impact on confidentiality is none, while integrity is low and availability is none, indicating that the attacker can cause limited unauthorized changes but not disrupt service or access sensitive data. The vulnerability has been publicly disclosed, but no known exploits have been observed in the wild yet. The absence of patches or mitigation links suggests that the vendor has not yet released an official fix. Given the nature of CSRF, the attack typically targets users who are already authenticated to the system, tricking them into executing unwanted commands such as submitting complaints, changing settings, or other state-changing operations within the Complaint Management System. This can lead to unauthorized data manipulation or abuse of system functionality.

Detailed information about CVE-2025-7834: Cross-Site Request Forgery in PHPGurukul Complaint Management System affecting PHPGurukul Complaint Management System.

CVE-2025-7834: Cross-Site Request Forgery in PHPGurukul Complaint Management System - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7834: Cross-Site Request Forgery in PHPGurukul Complaint Management System

A vulnerability has been found in Campcodes Online Movie Theater Seat Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/manage_seat.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Detailed information about CVE-2025-7838: SQL Injection in Campcodes Online Movie Theater Seat Reservation System affecting Campcodes Online Movie Theater Seat 

CVE-2025-7838: SQL Injection in Campcodes Online Movie Theater Seat Reservation System

CVE-2025-7838: SQL Injection in Campcodes Online Movie Theater Seat Reservation System

Description

Technical Details

Related Threats

CVE-2025-7837: Buffer Overflow in TOTOLINK T6

CVE-2025-7836: Command Injection in D-Link DIR-816L

CVE-2025-54313: CWE-506 Embedded Malicious Code in prettier eslint-config-prettier

CVE-2025-7834: Cross-Site Request Forgery in PHPGurukul Complaint Management System

CVE-2025-7833: SQL Injection in code-projects Church Donation System

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility