{"vulnerability": "cve-2025-2560", "sightings": [{"uuid": "e1938dfe-016b-4006-a027-f02171f64159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25605", "type": "seen", "source": "https://t.me/cvedetector/18683", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25605 - Totolink X5000R Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25605 \nPublished : Feb. 21, 2025, 7:15 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the apcli_wps_gen_pincode function in mtkwifi.lua. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-21T22:17:11.000000Z"}, {"uuid": "6244a238-34ce-477a-bed7-03292bc0f464", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25609", "type": "seen", "source": "MISP/1e8d1b5a-3537-4a30-907d-acb1720bbd18", "content": "", "creation_timestamp": "2025-08-19T18:29:29.000000Z"}, {"uuid": "81d0193e-030d-4e7a-8854-cdd68a98cf41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25604", "type": "seen", "source": "https://t.me/cvedetector/18685", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25604 - Totolink X5000R Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25604 \nPublished : Feb. 21, 2025, 7:15 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the vif_disable function in mtkwifi.lua. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-21T22:17:13.000000Z"}, {"uuid": "4c6f14b4-5b4c-4937-9ab4-b37547398bcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25609", "type": "seen", "source": "https://t.me/cvedetector/19184", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25609 - TOTOlink A3002R Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25609 \nPublished : Feb. 28, 2025, 7:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the static_ipv6 parameter in the formIpv6Setup interface of /bin/boa \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-28T22:03:07.000000Z"}, {"uuid": "a17cd8c4-ef46-45e8-a86c-7a10808ed88a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25605", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4955", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25605\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the apcli_wps_gen_pincode function in mtkwifi.lua.\n\ud83d\udccf Published: 2025-02-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-21T18:44:44.812Z\n\ud83d\udd17 References:\n1. https://github.com/sezangel/IOT-vul/tree/main/Totolink/X5000R/4", "creation_timestamp": "2025-02-21T19:18:34.000000Z"}, {"uuid": "a6e57a88-3bdb-4a0a-8ad6-c6d795ba3736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25604", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4954", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25604\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the vif_disable function in mtkwifi.lua.\n\ud83d\udccf Published: 2025-02-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-21T18:46:49.852Z\n\ud83d\udd17 References:\n1. https://github.com/sezangel/IOT-vul/tree/main/Totolink/X5000R/5", "creation_timestamp": "2025-02-21T19:18:34.000000Z"}, {"uuid": "15de97bd-f710-47cd-ad23-4606ac8dfa0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2560", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16806", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2560\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Ninja Forms  WordPress plugin before 3.10.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-05-19T06:00:05.453Z\n\ud83d\udccf Modified: 2025-05-19T06:00:05.453Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/2adaa55a-4a6d-40ca-ae19-fcb82420894a/", "creation_timestamp": "2025-05-19T06:38:50.000000Z"}, {"uuid": "9428cd5f-1484-4356-b64b-1c6419684d14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25609", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5958", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25609\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the static_ipv6 parameter in the formIpv6Setup interface of /bin/boa\n\ud83d\udccf Published: 2025-02-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T18:53:32.725Z\n\ud83d\udd17 References:\n1. https://github.com/SunnyYANGyaya/firmcrosser/blob/main/ToTolink/TOTOLINK-A3002R-formIpv6Setup-static_ipv6.md", "creation_timestamp": "2025-02-28T19:27:03.000000Z"}]}