Vulners
Lucene search
CVE-2025-4731
🗓️ 16 May 2025 00:00:10Reported by VulDBType 
cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 41 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
 | The vulnerability of the HTTP POST Request Handler component in the microprogramming software for TOTOLINK A3002R and A3002RU allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information. | 23 May 202500:00 | – | bdu_fstec |
 | CVE-2025-4731 | 16 May 202500:34 | – | circl |
 | TOTOLINK A3002RU和TOTOLINK A3002R 安全漏洞 | 15 May 202500:00 | – | cnnvd |
 | TOTOLINK A3002R and A3002RU Buffer Overflow Vulnerability | 20 May 202500:00 | – | cnvd |
 | CVE-2025-4731 TOTOLINK A3002R/A3002RU HTTP POST Request formPortFw buffer overflow | 16 May 202500:00 | – | cvelist |
 | EUVD-2025-15380 | 3 Oct 202520:07 | – | euvd |
 | CVE-2025-4731 | 16 May 202500:15 | – | nvd |
 | CVE-2025-4731 | 16 May 202500:15 | – | osv |
 | PT-2025-21588 · Totolink · Totolink A3002Ru | 15 May 202500:00 | – | ptsecurity |
 | CVE-2025-4731 | 18 May 202500:10 | – | redhatcve |
10
Node
Node
[
{
"vendor": "TOTOLINK",
"product": "A3002R",
"versions": [
{
"version": "3.0.0-B20230809.1615",
"status": "affected"
}
],
"modules": [
"HTTP POST Request Handler"
]
},
{
"vendor": "TOTOLINK",
"product": "A3002RU",
"versions": [
{
"version": "3.0.0-B20230809.1615",
"status": "affected"
}
],
"modules": [
"HTTP POST Request Handler"
]
}
]| Source | Link |
|---|---|
| vuldb | www.vuldb.com/ |
| vuldb | www.vuldb.com/ |
| totolink | www.totolink.net/ |
| vuldb | www.vuldb.com/ |
| github | www.github.com/CH13hh/tmp_store_cc/blob/main/tt/ta/4.md |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| service_type | request body | /boafrm/formPortFw | Buffer overflow via POST parameters service_type and ip_subnet in /boafrm/formPortFw leading to remote code execution vulnerability. | CWE-119, CWE-120 |
| ip_subnet | request body | /boafrm/formPortFw | Buffer overflow via POST parameters service_type and ip_subnet in /boafrm/formPortFw leading to remote code execution vulnerability. | CWE-119, CWE-120 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 09:33Current
9High risk
Vulners AI Score9
CVSS 48.7
CVSS 3.18.8
CVSS 29
CVSS 38.8
EPSS0.00661
SSVC