Vulnerability-Lookup

VAR-202506-1056

Vulnerability from variot - Updated: 2025-08-09 23:19

A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message Handler. The manipulation of the argument url leads to denial of service. The exploit has been disclosed to the public and may be used. TOTOLINK of N300RH A vulnerability exists in firmware related to improper shutdown and release of resources.Service operation interruption (DoS) It may be in a state. The TOTOLINK N300RH is a long-range wireless router released by China's TOTOLINK Electronics. It supports the IEEE 802.11n standard and offers a maximum wireless transmission rate of 300Mbps

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202506-1056",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "n300rh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "totolink",
        "version": "6.1c.1390_b20191101"
      },
      {
        "model": "n300rh",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "totolink",
        "version": "n300rh  firmware  6.1c.1390 b20191101"
      },
      {
        "model": "n300rh",
        "scope": null,
        "trust": 0.8,
        "vendor": "totolink",
        "version": null
      },
      {
        "model": "n300rh",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "totolink",
        "version": null
      },
      {
        "model": "n300rh 6.1c.1390 b20191101",
        "scope": null,
        "trust": 0.6,
        "vendor": "totolink",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-17706"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009682"
      },
      {
        "db": "NVD",
        "id": "CVE-2025-6401"
      }
    ]
  },
  "cve": "CVE-2025-6401",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "cna@vuldb.com",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 4.4,
            "id": "CVE-2025-6401",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.0,
            "vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Adjacent Network",
            "authentication": "Single",
            "author": "OTHER",
            "availabilityImpact": "Partial",
            "baseScore": 2.3,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2025-009682",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 4.4,
            "id": "CNVD-2025-17706",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "cna@vuldb.com",
            "availabilityImpact": "LOW",
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.1,
            "id": "CVE-2025-6401",
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "OTHER",
            "availabilityImpact": "Low",
            "baseScore": 3.5,
            "baseSeverity": "Low",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2025-009682",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "cna@vuldb.com",
            "id": "CVE-2025-6401",
            "trust": 1.0,
            "value": "Low"
          },
          {
            "author": "OTHER",
            "id": "JVNDB-2025-009682",
            "trust": 0.8,
            "value": "Low"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2025-17706",
            "trust": 0.6,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-17706"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009682"
      },
      {
        "db": "NVD",
        "id": "CVE-2025-6401"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message Handler. The manipulation of the argument url leads to denial of service. The exploit has been disclosed to the public and may be used. TOTOLINK of N300RH A vulnerability exists in firmware related to improper shutdown and release of resources.Service operation interruption (DoS) It may be in a state. The TOTOLINK N300RH is a long-range wireless router released by China\u0027s TOTOLINK Electronics. It supports the IEEE 802.11n standard and offers a maximum wireless transmission rate of 300Mbps",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2025-6401"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009682"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2025-17706"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2025-6401",
        "trust": 3.2
      },
      {
        "db": "VULDB",
        "id": "313395",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009682",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2025-17706",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-17706"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009682"
      },
      {
        "db": "NVD",
        "id": "CVE-2025-6401"
      }
    ]
  },
  "id": "VAR-202506-1056",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-17706"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-17706"
      }
    ]
  },
  "last_update_date": "2025-08-09T23:19:01.833000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-404",
        "trust": 1.0
      },
      {
        "problemtype": "Improper shutdown and release of resources (CWE-404) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009682"
      },
      {
        "db": "NVD",
        "id": "CVE-2025-6401"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://github.com/d2pq/cve/blob/main/616/21.md"
      },
      {
        "trust": 1.8,
        "url": "https://github.com/d2pq/cve/blob/main/616/21.md#poc"
      },
      {
        "trust": 1.8,
        "url": "https://vuldb.com/?id.313395"
      },
      {
        "trust": 1.8,
        "url": "https://vuldb.com/?submit.597688"
      },
      {
        "trust": 1.8,
        "url": "https://www.totolink.net/"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2025-6401"
      },
      {
        "trust": 1.0,
        "url": "https://vuldb.com/?ctiid.313395"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-17706"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009682"
      },
      {
        "db": "NVD",
        "id": "CVE-2025-6401"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-17706"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009682"
      },
      {
        "db": "NVD",
        "id": "CVE-2025-6401"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2025-08-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2025-17706"
      },
      {
        "date": "2025-07-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2025-009682"
      },
      {
        "date": "2025-06-21T07:15:23.197000",
        "db": "NVD",
        "id": "CVE-2025-6401"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2025-08-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2025-17706"
      },
      {
        "date": "2025-07-23T08:41:00",
        "db": "JVNDB",
        "id": "JVNDB-2025-009682"
      },
      {
        "date": "2025-06-25T20:14:01.440000",
        "db": "NVD",
        "id": "CVE-2025-6401"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "TOTOLINK\u00a0 of \u00a0N300RH\u00a0 Improper Shutdown and Release of Resources in Firmware Vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009682"
      }
    ],
    "trust": 0.8
  }
}

CVE-2025-6401 (GCVE-0-2025-6401)

Vulnerability from cvelistv5 – Published: 2025-06-21 06:31 – Updated: 2025-06-23 19:27

Title

TOTOLINK N300RH HTTP POST Message formFilter denial of service

Summary

Severity ?

5.1 (Medium)


                        
                          CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

3.5 (Low)


                        
                          CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R

3.5 (Low)


                        
                          CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R

CWE

CWE-404 - Denial of Service

Assigner

VulDB

References

URL

Tags

	https://vuldb.com/?id.313395	vdb-entrytechnical-description
	https://vuldb.com/?ctiid.313395	signaturepermissions-required
	https://vuldb.com/?submit.597688	third-party-advisory
	https://github.com/d2pq/cve/blob/main/616/21.md	related
	https://github.com/d2pq/cve/blob/main/616/21.md#poc	exploit
	https://www.totolink.net/	product

Impacted products

	Vendor	Product	Version
	TOTOLINK	N300RH	Affected: 6.1c.1390_B20191101

Credits

yuhongxiang (VulDB User)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6401",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-23T16:09:27.308682Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-23T19:27:48.226Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/d2pq/cve/blob/main/616/21.md"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "HTTP POST Message Handler"
          ],
          "product": "N300RH",
          "vendor": "TOTOLINK",
          "versions": [
            {
              "status": "affected",
              "version": "6.1c.1390_B20191101"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "yuhongxiang (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message Handler. The manipulation of the argument url leads to denial of service. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in TOTOLINK N300RH 6.1c.1390_B20191101 ausgemacht. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /boafrm/formFilter der Komponente HTTP POST Message Handler. Mittels dem Manipulieren des Arguments url mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.3,
            "vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Denial of Service",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-21T06:31:08.227Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-313395 | TOTOLINK N300RH HTTP POST Message formFilter denial of service",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.313395"
        },
        {
          "name": "VDB-313395 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.313395"
        },
        {
          "name": "Submit #597688 | TOTOLINK  N300RH_V4 V6.1c.1390_B20191101 Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.597688"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://github.com/d2pq/cve/blob/main/616/21.md"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/d2pq/cve/blob/main/616/21.md#poc"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://www.totolink.net/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-20T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-06-20T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-06-20T12:43:55.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "TOTOLINK N300RH HTTP POST Message formFilter denial of service"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-6401",
    "datePublished": "2025-06-21T06:31:08.227Z",
    "dateReserved": "2025-06-20T10:38:48.055Z",
    "dateUpdated": "2025-06-23T19:27:48.226Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

VAR-202506-1056

CVE-2025-6401 (GCVE-0-2025-6401)

Tags

Sightings

Nomenclature