Totolink

A702r Firmware

32 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-4830

  • EPSS 0.22%
  • Published 17.05.2025 15:31:06
  • Last modified 23.05.2025 15:51:24

A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by this issue is some unknown functionality of the file /boafrm/formSysCmd of the component HTTP POST Request Handl...

8.8

CVE-2025-4829

  • EPSS 0.22%
  • Published 17.05.2025 15:00:10
  • Last modified 23.05.2025 15:51:37

A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by this vulnerability is the function sub_40BE30 of the file /boafrm/formStats of the component HTTP POST Request Handler. The manip...

8.8

CVE-2025-4827

  • EPSS 0.22%
  • Published 17.05.2025 14:49:29
  • Last modified 23.05.2025 15:51:49

A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formSaveConfig of the component HTTP POST Request Handler. The manipulation o...

8.8

CVE-2025-4826

  • EPSS 0.22%
  • Published 17.05.2025 11:15:46
  • Last modified 23.05.2025 15:49:48

A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This issue affects some unknown processing of the file /boafrm/formWirelessTbl of the component HTTP POST Request Handler. T...

8.8

CVE-2025-4825

  • EPSS 0.22%
  • Published 17.05.2025 10:07:55
  • Last modified 23.05.2025 15:49:33

A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown code of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation of the argum...

8.8

CVE-2025-4824

  • EPSS 0.22%
  • Published 17.05.2025 10:00:07
  • Last modified 23.05.2025 15:49:20

A vulnerability classified as critical has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formWsc of the component HTTP POST Request Handler. The manipulation of the argument su...

8.8

CVE-2025-4823

  • EPSS 0.22%
  • Published 17.05.2025 09:31:06
  • Last modified 23.05.2025 15:48:37

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue is the function submit-url of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler...

5.5

CVE-2020-27368

Exploit
  • EPSS 0.13%
  • Published 14.01.2021 16:15:17
  • Last modified 21.11.2024 05:21:04

Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /icons/ directories via GET Parameter.

9

CVE-2019-19824

Exploit
  • EPSS 93.67%
  • Published 27.01.2020 18:15:12
  • Last modified 21.11.2024 04:35:28

On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the dev...

7.5

CVE-2019-19823

Exploit
  • EPSS 1.36%
  • Published 27.01.2020 18:15:12
  • Last modified 21.11.2024 04:35:28

A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT throug...