Totolink

A3002r

47 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-55591

Exploit
  • EPSS 6.34%
  • Published 18.08.2025 00:00:00
  • Last modified 21.08.2025 14:11:06

TOTOLINK-A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability in the devicemac parameter in the formMapDel endpoint.

6.5

CVE-2025-55590

Exploit
  • EPSS 12.22%
  • Published 18.08.2025 00:00:00
  • Last modified 21.08.2025 14:10:56

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an command injection vulnerability via the component bupload.html.

6.5

CVE-2025-55589

Exploit
  • EPSS 12.22%
  • Published 18.08.2025 00:00:00
  • Last modified 21.08.2025 14:10:47

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain multiple OS command injection vulnerabilities via the macstr, bandstr, and clientoff parameters at /boafrm/formMapDelDevice.

7.5

CVE-2025-55588

Exploit
  • EPSS 0.27%
  • Published 18.08.2025 00:00:00
  • Last modified 21.08.2025 14:10:40

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the fw_ip parameter at /boafrm/formPortFw. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

7.5

CVE-2025-55587

Exploit
  • EPSS 0.27%
  • Published 18.08.2025 00:00:00
  • Last modified 21.08.2025 14:10:34

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

7.5

CVE-2025-55586

Exploit
  • EPSS 0.27%
  • Published 18.08.2025 00:00:00
  • Last modified 21.08.2025 14:10:26

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the url parameter at /boafrm/formFilter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

6.5

CVE-2025-55585

Exploit
  • EPSS 0.16%
  • Published 18.08.2025 00:00:00
  • Last modified 21.08.2025 14:10:17

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability via the eval() function.

5.3

CVE-2025-55584

Exploit
  • EPSS 0.19%
  • Published 18.08.2025 00:00:00
  • Last modified 21.08.2025 14:10:05

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain insecure credentials for the telnet service and root account.

8.8

CVE-2025-6487

Exploit
  • EPSS 0.16%
  • Published 22.06.2025 18:00:15
  • Last modified 07.07.2025 18:50:45

A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been rated as critical. This issue affects the function formRoute of the file /boafrm/formRoute. The manipulation of the argument subnet leads to stack-based buffer overflow. T...

8.8

CVE-2025-6486

Exploit
  • EPSS 0.16%
  • Published 22.06.2025 17:31:07
  • Last modified 07.07.2025 18:49:28

A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been declared as critical. This vulnerability affects the function formWlanMultipleAP of the file /boafrm/formWlanMultipleAP. The manipulation of the argument submit-url leads ...