A3002r_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
A3002r_firmware
(Totolink)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	55

Date	Id	Summary	Products	Score	Patch	Annotated
2025-05-17	CVE-2025-4830	A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by this issue is some unknown functionality of the file /boafrm/formSysCmd of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.	A3002r_firmware, A3002ru_firmware, A702r_firmware	8.8
2025-05-17	CVE-2025-4831	A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formSiteSurveyProfile of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.	A3002r_firmware, A3002ru_firmware, A702r_firmware	8.8
2025-05-17	CVE-2025-4832	A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formDosCfg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.	A3002r_firmware, A3002ru_firmware, A702r_firmware	8.8
2025-05-17	CVE-2025-4833	A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This issue affects some unknown processing of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.	A3002r_firmware, A3002ru_firmware, A702r_firmware	8.8
2025-05-17	CVE-2025-4835	A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	A3002r_firmware, A3002ru_firmware, A702r_firmware	8.8
2025-05-17	CVE-2025-4834	A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been classified as critical. Affected is an unknown function of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.	A3002r_firmware, A3002ru_firmware, A702r_firmware	8.8
2025-05-20	CVE-2025-45862	TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the interfacenameds parameter in the formDhcpv6s interface.	A3002r_firmware	N/A
2025-05-20	CVE-2025-45862	TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the interfacenameds parameter in the formDhcpv6s interface.	A3002r_firmware	N/A
2025-05-13	CVE-2025-45861	TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 interface.	A3002r_firmware	9.8
2025-05-13	CVE-2025-45865	TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the dnsaddr parameter in the formDhcpv6s interface.	A3002r_firmware	9.8