Totolink

A3002r Firmware

61 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-45864

Exploit
  • EPSS 0.07%
  • Published 13.05.2025 00:00:00
  • Last modified 17.06.2025 19:41:20

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolStart parameter in the formDhcpv6s interface.

5.4

CVE-2025-45859

Exploit
  • EPSS 0.07%
  • Published 13.05.2025 00:00:00
  • Last modified 16.06.2025 18:25:52

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the bandstr parameter in the formMapDelDevice interface.

9.8

CVE-2025-25579

Exploit
  • EPSS 8.07%
  • Published 28.03.2025 00:00:00
  • Last modified 07.04.2025 14:23:36

TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr.

8

CVE-2025-25635

Exploit
  • EPSS 0.04%
  • Published 28.02.2025 19:15:37
  • Last modified 02.10.2025 01:40:13

TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the pppoe_dns1 parameter in the formIpv6Setup interface of /bin/boa.

8

CVE-2025-25610

  • EPSS 0.04%
  • Published 28.02.2025 19:15:37
  • Last modified 03.04.2025 15:37:48

TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the static_gw parameter in the formIpv6Setup interface of /bin/boa.

8

CVE-2025-25609

  • EPSS 0.04%
  • Published 28.02.2025 19:15:36
  • Last modified 03.04.2025 15:37:42

TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the static_ipv6 parameter in the formIpv6Setup interface of /bin/boa

8.8

CVE-2024-54907

Exploit
  • EPSS 0.72%
  • Published 26.12.2024 19:15:08
  • Last modified 09.04.2025 18:36:22

TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via formWsc.

9.8

CVE-2024-34195

Exploit
  • EPSS 0.25%
  • Published 28.08.2024 20:15:07
  • Last modified 30.08.2024 15:59:08

TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restriction on the wlan_ssid field. This oversight leads to ...

9.8

CVE-2024-42520

Exploit
  • EPSS 0.39%
  • Published 12.08.2024 15:15:21
  • Last modified 13.08.2024 15:35:16

TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability in /bin/boa via formParentControl.

7.5

CVE-2024-33820

Exploit
  • EPSS 0.16%
  • Published 01.05.2024 16:15:07
  • Last modified 17.06.2025 16:44:33

Totolink AC1200 Wireless Dual Band Gigabit Router A3002R_V4 Firmware V4.0.0-B20230531.1404 is vulnerable to Buffer Overflow via the formWlEncrypt function of the boa server. Specifically, they exploit the length of the wlan_ssid field triggers the ov...