CVE-2025-5542 – TOTOLINK X2000R Cross-Site Scripting Vulnerability in Virtual Server Page

CVE ID : CVE-2025-5542

Published : June 3, 2025, 10:15 p.m. | 15 minutes ago

Description : A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument service_type leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…