Auto-Update: 2025-06-21T06:00:22.001024+00:00

CVE-2025/CVE-2025-63xx/CVE-2025-6399.json

@@ -0,0 +1,149 @@
+{
+  "id": "CVE-2025-6399",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-06-21T04:15:23.140",
+  "lastModified": "2025-06-21T04:15:23.140",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 7.4,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "HIGH",
+          "vulnIntegrityImpact": "HIGH",
+          "vulnAvailabilityImpact": "HIGH",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "PROOF_OF_CONCEPT",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
+          "baseScore": 9.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "COMPLETE",
+          "integrityImpact": "COMPLETE",
+          "availabilityImpact": "COMPLETE"
+        },
+        "baseSeverity": "HIGH",
+        "exploitabilityScore": 8.0,
+        "impactScore": 10.0,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-119"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-120"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/d2pq/cve/blob/main/616/19.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/d2pq/cve/blob/main/616/19.md#poc",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.313392",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.313392",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.597681",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://www.totolink.net/",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2025-06-21T04:00:19.729597+00:00
+2025-06-21T06:00:22.001024+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2025-06-21T03:15:24.990000+00:00
+2025-06-21T04:15:23.140000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,21 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-298978
+298979
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `8`
+Recently added CVEs: `1`
 
-- [CVE-2025-52485](CVE-2025/CVE-2025-524xx/CVE-2025-52485.json) (`2025-06-21T03:15:23.767`)
-- [CVE-2025-52486](CVE-2025/CVE-2025-524xx/CVE-2025-52486.json) (`2025-06-21T03:15:24.507`)
-- [CVE-2025-52487](CVE-2025/CVE-2025-524xx/CVE-2025-52487.json) (`2025-06-21T03:15:24.667`)
-- [CVE-2025-52488](CVE-2025/CVE-2025-524xx/CVE-2025-52488.json) (`2025-06-21T03:15:24.817`)
-- [CVE-2025-52552](CVE-2025/CVE-2025-525xx/CVE-2025-52552.json) (`2025-06-21T03:15:24.990`)
-- [CVE-2025-52556](CVE-2025/CVE-2025-525xx/CVE-2025-52556.json) (`2025-06-21T02:15:19.947`)
-- [CVE-2025-52557](CVE-2025/CVE-2025-525xx/CVE-2025-52557.json) (`2025-06-21T02:15:20.107`)
-- [CVE-2025-6394](CVE-2025/CVE-2025-63xx/CVE-2025-6394.json) (`2025-06-21T02:15:20.247`)
+- [CVE-2025-6399](CVE-2025/CVE-2025-63xx/CVE-2025-6399.json) (`2025-06-21T04:15:23.140`)
 
 
 ### CVEs modified in the last Commit

_state.csv

@@ -298187,18 +298187,18 @@ CVE-2025-5247,0,0,54e3a381cfd9dfdb05827b9f71ff8bbd85014209bf716148a0d5df41e284d4
 CVE-2025-52474,0,0,90aca3999fbf5ca7dd4557d7388545c99ea4ce981f2f9c8d02593988d225c460,2025-06-19T04:15:53.793000
 CVE-2025-5248,0,0,cb74e13c3a661382a173d2171f53e905ac7962a17d411318369a81c1a4c9d649,2025-06-10T15:12:22.573000
 CVE-2025-52484,0,0,7906e8b10f2a59c25311b93495cd85fcb8342c1455343ef15746f82c5e88c2d6,2025-06-20T18:15:28.747000
-CVE-2025-52485,1,1,2c3306f11cfb58166e018fc94811f3c66b7fdb4732b46519985162db6b1782f9,2025-06-21T03:15:23.767000
-CVE-2025-52486,1,1,dd26e6454c673dca00237655f74d091343c7ce4354f493a88dffdc5f60570b96,2025-06-21T03:15:24.507000
-CVE-2025-52487,1,1,24240f093a57140347936a93cc62da391b283dea9683e874ef692c5b808cbef5,2025-06-21T03:15:24.667000
-CVE-2025-52488,1,1,9c0f20c44bf53b2cad03c39b708215058a7b924b1f7afab8b2379e42c152bf91,2025-06-21T03:15:24.817000
+CVE-2025-52485,0,0,2c3306f11cfb58166e018fc94811f3c66b7fdb4732b46519985162db6b1782f9,2025-06-21T03:15:23.767000
+CVE-2025-52486,0,0,dd26e6454c673dca00237655f74d091343c7ce4354f493a88dffdc5f60570b96,2025-06-21T03:15:24.507000
+CVE-2025-52487,0,0,24240f093a57140347936a93cc62da391b283dea9683e874ef692c5b808cbef5,2025-06-21T03:15:24.667000
+CVE-2025-52488,0,0,9c0f20c44bf53b2cad03c39b708215058a7b924b1f7afab8b2379e42c152bf91,2025-06-21T03:15:24.817000
 CVE-2025-5249,0,0,fc0947e1350e4210bd6e677b41423c19ba4df5864aa9264c3ec9f64636ca0b76,2025-05-28T15:01:30.720000
 CVE-2025-5250,0,0,2a4bdc606e390fc951ba8f4ded6d97e8a69fbc9ec9574eb66322c159fbee23de,2025-06-10T15:12:33.010000
 CVE-2025-5251,0,0,f632fe7c5885617fb201b5b935c30961323c6054755926cad7791588fe5ea46c,2025-06-10T15:12:43.393000
 CVE-2025-5252,0,0,befcffbe58a6c748b51a32dbfdb428108ffe2b16ca817a921564fafd634c86b0,2025-06-09T18:51:06.110000
 CVE-2025-5255,0,0,0d9f56d5e1509a662651a50a1959d77ed1c049a1471df3ec7483fe3801248464,2025-06-20T10:15:21.653000
-CVE-2025-52552,1,1,27741305ae00f3d36bb92eb33f15f4f7f40418a880f409aa430ffa00fa775060,2025-06-21T03:15:24.990000
-CVE-2025-52556,1,1,839776e8ea5d48efbfe10dd749a9ae7819c361ef6cbb9befd317045b49103746,2025-06-21T02:15:19.947000
-CVE-2025-52557,1,1,0983e689a848479832c1cc1b66b70297360012e01103c16ee1ea99dfdc0c6445,2025-06-21T02:15:20.107000
+CVE-2025-52552,0,0,27741305ae00f3d36bb92eb33f15f4f7f40418a880f409aa430ffa00fa775060,2025-06-21T03:15:24.990000
+CVE-2025-52556,0,0,839776e8ea5d48efbfe10dd749a9ae7819c361ef6cbb9befd317045b49103746,2025-06-21T02:15:19.947000
+CVE-2025-52557,0,0,0983e689a848479832c1cc1b66b70297360012e01103c16ee1ea99dfdc0c6445,2025-06-21T02:15:20.107000
 CVE-2025-5256,0,0,8e276989283383806f3abf5c20dbe67142f0dc8ca07046605c539922633ebc4a,2025-05-29T14:29:50.247000
 CVE-2025-5257,0,0,75d358e3d2bbe3761b44e1bc4ce97e0b1726e1521e4fab98ee61ac2e91cdcfa1,2025-05-29T14:29:50.247000
 CVE-2025-5259,0,0,762eb0e82b940f038c9de9747260da22e83abc89d044ade4d08f1060ed5d681a,2025-05-30T16:31:03.107000
@@ -298976,4 +298976,5 @@ CVE-2025-6374,0,0,b64de8ac08765ef2aa29524f49bd34819f262290b45c21bdea86cc8246ba3a
 CVE-2025-6375,0,0,ffe282b12fa3ecc9ab33fc703768c63791095f26660717266b328436b6f94862,2025-06-21T01:15:29.463000
 CVE-2025-6384,0,0,5cdec51953ac45fb27a9189069c1d2dedd736d67cb8696f7a629dd1dd7d1191f,2025-06-19T21:15:27.390000
 CVE-2025-6393,0,0,8fdf36f15a3c8062a52f965b882fa901ea85b71f63ac82f6e8e8e5dca7616106,2025-06-21T01:15:29.650000
-CVE-2025-6394,1,1,0d29effea134417ccb539ed8195e20c39f8378791ae92c1ec4fb1ad0a57731cd,2025-06-21T02:15:20.247000
+CVE-2025-6394,0,0,0d29effea134417ccb539ed8195e20c39f8378791ae92c1ec4fb1ad0a57731cd,2025-06-21T02:15:20.247000
+CVE-2025-6399,1,1,4e1efe71bd5e4cfa8ab2ff5a9127ce00373b7f6790fd011901c9b5eee0f73f6a,2025-06-21T04:15:23.140000