{"vulnerability": "cve-2025-2370", "sightings": [{"uuid": "2302b1e5-c4a4-491f-9833-01980d38ce84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2370", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7750", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2370\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been declared as critical. Affected by this vulnerability is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliSsid leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-17T09:00:09.912Z\n\ud83d\udccf Modified: 2025-03-17T09:00:09.912Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299869\n2. https://vuldb.com/?ctiid.299869\n3. https://vuldb.com/?submit.515329\n4. https://github.com/kn0sky/cve/blob/main/TOTOLINK%20EX1800T/Stack-based%20Buffer%20Overflow%2003%20setWiFiExtenderConfig-_apcliSsid.md\n5. https://www.totolink.net/", "creation_timestamp": "2025-03-17T09:46:58.000000Z"}, {"uuid": "4949398a-5114-4724-b1a7-362d84441f58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2370", "type": "seen", "source": "https://t.me/cvedetector/20443", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2370 - TOTOLINK EX1800T Stack-Based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2370 \nPublished : March 17, 2025, 9:15 a.m. | 22\u00a0minutes ago \nDescription : A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been declared as critical. Affected by this vulnerability is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliSsid leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T10:46:30.000000Z"}, {"uuid": "39e988c1-584f-4cac-91c2-3218594247c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23703", "type": "seen", "source": "https://t.me/cvedetector/15630", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23703 - ABS-Hosting.nl Walchum.net Free MailClient FMC CSRF-Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-23703 \nPublished : Jan. 16, 2025, 8:15 p.m. | 36\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in CS : ABS-Hosting.nl / Walchum.net Free MailClient FMC allows Stored XSS.This issue affects Free MailClient FMC: from n/a through 1.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T22:05:46.000000Z"}, {"uuid": "e412b26b-8001-4389-8810-a75fcb38a4e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23702", "type": "seen", "source": "https://t.me/cvedetector/15624", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23702 - Schalk Burger Anonymize Links CSRF-Based Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-23702 \nPublished : Jan. 16, 2025, 8:15 p.m. | 36\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Schalk Burger Anonymize Links allows Stored XSS.This issue affects Anonymize Links: from n/a through 1.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T22:05:38.000000Z"}, {"uuid": "bd7af54a-c066-4151-8601-6baf04381ef9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23703", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv43pt2ep2n", "content": "", "creation_timestamp": "2025-01-16T20:19:37.811774Z"}, {"uuid": "21399450-3936-49f0-a757-2d4211ac323f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23708", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv43s73x52j", "content": "", "creation_timestamp": "2025-01-16T20:19:40.272405Z"}, {"uuid": "c1f50a42-ca59-4698-9326-3164f67151b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23702", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840960512398946", "content": "", "creation_timestamp": "2025-01-17T00:53:23.610723Z"}, {"uuid": "6665381a-7c83-4a56-87de-63261f5e1e0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23703", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840960528447242", "content": "", "creation_timestamp": "2025-01-17T00:53:23.913862Z"}, {"uuid": "2fa693fb-e339-45b0-a941-3dd03605d6b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23708", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840960542526642", "content": "", "creation_timestamp": "2025-01-17T00:53:24.225620Z"}, {"uuid": "b708afab-10b8-49d4-9331-280fba0e5b55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2370", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114172267350542304", "content": "", "creation_timestamp": "2025-03-16T13:09:04.692523Z"}, {"uuid": "3cdb6aad-0c38-4ee1-b458-267a0f7a0b9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23705", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mbcqj5qsg72g", "content": "", "creation_timestamp": "2025-12-31T20:49:54.063954Z"}, {"uuid": "42901385-76e6-4460-a74f-659f8459f41d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23707", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mbcqp4s5o52u", "content": "", "creation_timestamp": "2025-12-31T20:53:14.244945Z"}, {"uuid": "066193f1-052a-411c-b42e-89fb3444ecc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23705", "type": "seen", "source": "https://gist.github.com/Darkcrai86/e4f8401f364f86038d0cb8ef31387942", "content": "", "creation_timestamp": "2026-01-02T08:05:41.000000Z"}, {"uuid": "123239a3-671a-4ffd-8c29-84c3b33c9325", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23707", "type": "seen", "source": "https://gist.github.com/Darkcrai86/8c35e7e807073a9365b2edaad3746325", "content": "", "creation_timestamp": "2026-01-02T08:05:19.000000Z"}, {"uuid": "1f83bde9-bbea-4821-a20d-a6a0c52d1301", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23708", "type": "seen", "source": "https://t.me/cvedetector/15625", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23708 - Dominic Fallows DF Draggable CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-23708 \nPublished : Jan. 16, 2025, 8:15 p.m. | 36\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Dominic Fallows DF Draggable allows Stored XSS.This issue affects DF Draggable: from n/a through 1.13.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T22:05:38.000000Z"}, {"uuid": "d061b214-de35-44e0-a195-990e0b296e89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23706", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo6bzqd62f", "content": "", "creation_timestamp": "2025-01-22T15:20:27.727135Z"}, {"uuid": "9fe26136-7a3a-4429-9a1f-cd4db12dfa60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23701", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo67c5os2t", "content": "", "creation_timestamp": "2025-01-22T15:20:24.852882Z"}, {"uuid": "9364f0b8-619a-4da0-853e-71811fe1362f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23700", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo64jlxl2w", "content": "", "creation_timestamp": "2025-01-22T15:20:21.933225Z"}, {"uuid": "1ea80564-72cb-4e09-b4e1-de641ea18184", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23709", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo6emjhp2c", "content": "", "creation_timestamp": "2025-01-22T15:20:30.342249Z"}, {"uuid": "f09d96ff-63d6-4a2d-98ab-a16f42dcd76a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2370", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkkuom7b4s2s", "content": "", "creation_timestamp": "2025-03-17T09:46:25.236838Z"}, {"uuid": "62a5a2ef-a654-4f5c-bc70-a5d1713d5e37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2370", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114177140502986799", "content": "", "creation_timestamp": "2025-03-17T09:48:23.286174Z"}, {"uuid": "46f6bb43-9f64-4b88-abdd-f1507cd5ef8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2370", "type": "published-proof-of-concept", "source": "Telegram/k7Kg0Fyynw9AKxEWFZkxiubMrImY9Z1md51Ry-eSmZoqHAo", "content": "", "creation_timestamp": "2025-03-17T11:00:36.000000Z"}, {"uuid": "87a1e02e-f055-4fce-ab55-e480dbef79d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23702", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv43nh6mu2f", "content": "", "creation_timestamp": "2025-01-16T20:19:35.628233Z"}]}