11 matches found
EUVD-2025-28595
Malicious code in bioql PyPI...
CVE-2025-9783
A vulnerability was determined in TOTOLINK A702R 4.0.0-B20211108.1423. This issue affects the function sub418030 of the file /boafrm/formParentControl. Executing manipulation of the argument submit-url can lead to buffer overflow. The attack may be launched remotely. The exploit has been publicly...
CVE-2025-55585
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability via the eval function...
CVE-2025-55591
TOTOLINK-A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability in the devicemac parameter in the formMapDel endpoint...
CVE-2025-55585
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability via the eval function...
CVE-2025-55584
CVE-2025-55584 affects the TOTOLINK A3002R router (version 4.0.0-B20230531.1404). The issue is insecure credentials for the telnet service and the root account, enabling potential unauthorized remote access via Telnet. Some connected sources also recommend changing default credentials as a mitiga...
EUVD-2025-28601
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an command injection vulnerability via the component bupload.html...
CVE-2025-55585
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability via the eval function...
CVE-2025-55590
CVE-2025-55590 concerns the TOTOLINK A3002R router (version 4.0.0-B20230531.1404). The issue is a command injection vulnerability in the bupload.html component, caused by improper filtering of constructed command characters. The NVD entry lists a CVSSv3.1 base score of 6.5 (Network attack, Low co...
CVE-2025-55585
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability via the eval function...
CVE-2025-45864
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolStart parameter in the formDhcpv6s interface...