Totolink

A3002r Firmware

61 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.3

CVE-2025-6485

Exploit
  • EPSS 8.64%
  • Veröffentlicht 22.06.2025 17:00:16
  • Zuletzt bearbeitet 14.08.2025 20:27:53

A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been classified as critical. This affects the function formWlSiteSurvey of the file /boafrm/formWlSiteSurvey. The manipulation of the argument wlanif leads to os command inject...

7.5

CVE-2025-6393

Exploit
  • EPSS 0.46%
  • Veröffentlicht 21.06.2025 01:15:29
  • Zuletzt bearbeitet 09.07.2025 18:43:26

A vulnerability was found in TOTOLINK A702R, A3002R, A3002RU and EX1200T 3.0.0-B20230809.1615/4.0.0-B20230531.1404/4.0.0-B20230721.1521/4.1.2cu.5232_B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/fo...

8.8

CVE-2025-6337

Exploit
  • EPSS 0.19%
  • Veröffentlicht 20.06.2025 12:00:18
  • Zuletzt bearbeitet 01.08.2025 22:18:15

A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615/4.0.0-B20230531.1404. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formTmultiAP of the component HTTP PO...

8.8

CVE-2025-6164

Exploit
  • EPSS 0.19%
  • Veröffentlicht 17.06.2025 05:31:07
  • Zuletzt bearbeitet 23.06.2025 19:01:39

A vulnerability was found in TOTOLINK A3002R 4.0.0-B20230531.1404. It has been classified as critical. This affects an unknown part of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-ur...

8.8

CVE-2025-6149

Exploit
  • EPSS 0.19%
  • Veröffentlicht 17.06.2025 00:31:07
  • Zuletzt bearbeitet 23.06.2025 19:28:26

A vulnerability classified as critical has been found in TOTOLINK A3002R 4.0.0-B20230531.1404. Affected is an unknown function of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url lead...

6.5

CVE-2025-45862

Exploit
  • EPSS 0.1%
  • Veröffentlicht 20.05.2025 00:00:00
  • Zuletzt bearbeitet 24.05.2025 00:53:31

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the interfacenameds parameter in the formDhcpv6s interface.

3.4

CVE-2025-4852

Exploit
  • EPSS 0.23%
  • Veröffentlicht 18.05.2025 03:50:12
  • Zuletzt bearbeitet 04.06.2025 20:10:34

A vulnerability, which was classified as problematic, has been found in TOTOLINK A3002R 2.1.1-B20230720.1011. This issue affects some unknown processing of the component VPN Page. The manipulation of the argument Comment leads to cross site scripting...

8.8

CVE-2025-4835

  • EPSS 0.22%
  • Veröffentlicht 17.05.2025 19:31:07
  • Zuletzt bearbeitet 23.05.2025 15:50:01

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlanRedirect of the component HTTP POST Request...

8.8

CVE-2025-4834

  • EPSS 0.22%
  • Veröffentlicht 17.05.2025 19:00:10
  • Zuletzt bearbeitet 23.05.2025 15:50:33

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been classified as critical. Affected is an unknown function of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of th...

8.8

CVE-2025-4833

  • EPSS 0.22%
  • Veröffentlicht 17.05.2025 17:31:05
  • Zuletzt bearbeitet 23.05.2025 15:50:46

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This issue affects some unknown processing of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of th...