{"vulnerability": "CVE-2025-3991", "sightings": [{"uuid": "b9c720fa-1455-41be-880d-0ebe353a827d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3991", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114413070256201052", "content": "", "creation_timestamp": "2025-04-28T01:48:25.655323Z"}, {"uuid": "205158b6-2900-4a23-be20-89290c561389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3991", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lnttmqkicv2x", "content": "", "creation_timestamp": "2025-04-28T03:36:58.677149Z"}, {"uuid": "14b844f4-05b3-4f12-85ae-90fc0a8e1246", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3991", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lntu45zl5d2g", "content": "", "creation_timestamp": "2025-04-28T03:45:39.974974Z"}, {"uuid": "4b725109-e58c-40fd-98f7-4b309901fd70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-39913", "type": "seen", "source": "https://sploitus.com/exploit?id=AF5A6F79-A89D-5C35-8379-21F2BA273EF5&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-12T19:46:09.000000Z"}, {"uuid": "d28cdf75-aa8f-46d0-9ad8-547ac13de4da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-39913", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "478b6e63-2f03-41aa-bb6c-b843c03020ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-39913", "type": "seen", "source": "https://sploitus.com/exploit?id=BBD3D31F-7D4A-56B1-BC82-EF2294FE0F67&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-12T19:55:33.000000Z"}, {"uuid": "11991daa-ea7a-49d0-b3ce-258e016d23e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-39913", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "51ca1e35-cbd8-495b-ad94-aa61cc04a7e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-39914", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "cb012f67-5d15-426c-82fc-d07e8d4c549e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-39916", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "7c1f8107-c4e2-4d77-b97b-86b4a6717ef1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-39916", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "8fe087a0-9f59-4273-a9cc-0285e97eecef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-39913", "type": "seen", "source": "https://sploitus.com/exploit?id=AF5A6F79-A89D-5C35-8379-21F2BA273EF5", "content": "", "creation_timestamp": "2025-10-12T19:46:09.000000Z"}, {"uuid": "c0fc26ae-fecd-427b-85ee-2605358191c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-39913", "type": "seen", "source": "https://sploitus.com/exploit?id=BBD3D31F-7D4A-56B1-BC82-EF2294FE0F67", "content": "", "creation_timestamp": "2025-10-12T19:55:33.000000Z"}, {"uuid": "44ad272f-e2bb-4d6d-b22f-78baf62e790d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-39911", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "a1cff4ba-fbd4-4da8-a2df-699258a8bb3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-39914", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "32fcba10-2a07-4155-9135-ab44fac69093", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-39911", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "46ccf314-a17b-403f-884d-b06ffe74158e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-39913", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/55224", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aThis repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.\nURL\uff1ahttps://github.com/byteReaper77/CVE-2025-39913\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-10-12T21:58:39.000000Z"}, {"uuid": "f3983655-427f-465c-8d75-2322c454652a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-39913", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/55222", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aThis repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.\nURL\uff1ahttps://github.com/byteReaper77/CVE-2025-39913-\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-10-12T21:47:23.000000Z"}, {"uuid": "b28e6a5b-e039-464d-b1ef-92e5d50c0fed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-39913", "type": "published-proof-of-concept", "source": "Telegram/mW6QqrWNm-4g0XQ1jyeiV7UmBmIcjYuslZxs5eztp0xUUPU", "content": "", "creation_timestamp": "2025-10-12T23:00:10.000000Z"}, {"uuid": "a526d823-c954-480b-aa0f-4eadeec1ed02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3991", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13648", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3991\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, was found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the file /boafrm/formWdsEncrypt. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-27T23:31:05.914Z\n\ud83d\udccf Modified: 2025-04-27T23:31:05.914Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.306327\n2. https://vuldb.com/?ctiid.306327\n3. https://vuldb.com/?submit.557942\n4. https://github.com/fizz-is-on-the-way/Iot_vuls/tree/main/N150RT/BufferOverflow_formWdsEncrypt\n5. https://www.totolink.net/", "creation_timestamp": "2025-04-28T00:10:38.000000Z"}, {"uuid": "743ea242-45cd-4b05-abef-36d6d20a1aad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-39911", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260511", "content": "", "creation_timestamp": "2026-05-10T18:00:00.000000Z"}, {"uuid": "4a92c958-e1fb-4ced-b7ed-3b4159e239cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-39913", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260511", "content": "", "creation_timestamp": "2026-05-10T18:00:00.000000Z"}, {"uuid": "fd3159ee-accb-45a7-960a-c9292c1892bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-39914", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260511", "content": "", "creation_timestamp": "2026-05-10T18:00:00.000000Z"}, {"uuid": "15208b05-a21e-4d26-ae25-7ef3f0a7657d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-39916", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260511", "content": "", "creation_timestamp": "2026-05-10T18:00:00.000000Z"}, {"uuid": "402d264b-6ace-4123-a661-be398b6e9459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3991", "type": "seen", "source": "https://t.me/cvedetector/23871", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3991 - TOTOLINK N150RT Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3991 \nPublished : April 28, 2025, 12:15 a.m. | 41\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, was found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the file /boafrm/formWdsEncrypt. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-28T03:11:29.000000Z"}]}