CVE-2025-6940 TOTOLINK A702R HTTP POST Request formParentControl buffer overflow

🗓️ 01 Jul 2025 02:32:07Reported by VulDBType

Critical buffer overflow vulnerability in TOTOLINK A702R allows remote exploitation via HTTP POST.

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of the request processing function in TOTOLINK A702R router microprogramming software allows a intruder to trigger a service failure.	2 Jul 202500:00	–	bdu_fstec
Circl	CVE-2025-6940	1 Jul 202503:10	–	circl
CNNVD	TOTOLINK A702r 安全漏洞	1 Jul 202500:00	–	cnnvd
CNVD	TOTOLINK A702r Buffer Overflow Vulnerability	4 Jul 202500:00	–	cnvd
CVE	CVE-2025-6940	1 Jul 202502:32	–	cve
EUVD	EUVD-2025-19600	3 Oct 202520:07	–	euvd
NVD	CVE-2025-6940	1 Jul 202503:15	–	nvd
Positive Technologies	PT-2025-27504 · Totolink · Totolink A702R	28 Jun 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-6940	3 Jul 202503:21	–	redhatcve
Vulnrichment	CVE-2025-6940 TOTOLINK A702R HTTP POST Request formParentControl buffer overflow	1 Jul 202502:32	–	vulnrichment

[
  {
    "vendor": "TOTOLINK",
    "product": "A702R",
    "versions": [
      {
        "version": "4.0.0-B20230721.1521",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP POST Request Handler"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
totolink	www.totolink.net/
vuldb	www.vuldb.com/
github	www.github.com/awindog/cve/blob/main/688/27.md
vuldb	www.vuldb.com/
github	www.github.com/awindog/cve/blob/main/688/27.md

01 Jul 2025 02:32Current

CVSS 48.7

CVSS 3.18.8

CVSS 38.8

CVSS 29

EPSS0.00766