PT-2025-21799 · Totolink · Totolink A702R +1

Name of the Vulnerable Software and Affected Versions: TOTOLINK A702R, A3002R, and A3002RU version 3.0.0-B20230809.1615 Description: A critical vulnerability was found in the HTTP POST Request Handler component of the affected TOTOLINK devices. This vulnerability affects an unknown part of the fi...

PT-2025-21783 · Totolink · Totolink A702R +1

Name of the Vulnerable Software and Affected Versions: TOTOLINK A702R, A3002R and A3002RU version 3.0.0-B20230809.1615 Description: A critical issue affects the submit-url function of the file /boafrm/formReflashClientTbl in the HTTP POST Request Handler component, leading to a buffer overflow...

CVE-2025-4733 TOTOLINK A3002R/A3002RU HTTP POST Request formIpQoS buffer overflow

A vulnerability, which was classified as critical, has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow...

CVE-2025-4733 TOTOLINK A3002R/A3002RU HTTP POST Request formIpQoS buffer overflow

A vulnerability, which was classified as critical, has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow...

CVE-2025-4732 TOTOLINK A3002R/A3002RU HTTP POST Request formFilter buffer overflow

A vulnerability classified as critical was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr leads to buffer overflow. The attack ca...

CVE-2025-4732 TOTOLINK A3002R/A3002RU HTTP POST Request formFilter buffer overflow

A vulnerability classified as critical was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr leads to buffer overflow. The attack ca...

CVE-2025-4732

CVE-2025-4732 affects TOTOLINK A3002R/A3002RU running 3.0.0-B20230809.1615. The issue resides in the HTTP POST Request Handler, specifically the /boafrm/formFilter path, where manipulation of the ip6addr argument triggers a buffer overflow. This can be exploited remotely, and public disclosures e...

CVE-2025-4731

A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype/ipsubnet leads to buffer overflow. It is...

CVE-2025-4730

A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer...

CVE-2025-4729

A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr lead...

CVE-2025-4731 TOTOLINK A3002R/A3002RU HTTP POST Request formPortFw buffer overflow

A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype/ipsubnet leads to buffer overflow. It is...

CVE-2025-4731 TOTOLINK A3002R/A3002RU HTTP POST Request formPortFw buffer overflow

A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype/ipsubnet leads to buffer overflow. It is...

CVE-2025-4731

Summary: CVE-2025-4731 affects TOTOLINK A3002R and A3002RU running 3.0.0-B20230809.1615. The vulnerability lies in the HTTP POST Request Handler, specifically the /boafrm/formPortFw file, where manipulating the argument commonly labeled as either service_type or ip_subnet leads to a buffer overfl...

CVE-2025-4730 TOTOLINK A3002R/A3002RU HTTP POST Request formMapDel buffer overflow

A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer...

CVE-2025-4730 TOTOLINK A3002R/A3002RU HTTP POST Request formMapDel buffer overflow

A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer...

CVE-2025-4730

TOTOLINK A3002R/A3002RU (version 3.0.0-B20230809.1615) is affected by a buffer overflow in the HTTP POST Request Handler, specifically in the /boafrm/formMapDel function when the devicemac1 argument is manipulated. The vulnerability can be exploited remotely and is described as critical in multip...

CVE-2025-4729 TOTOLINK A3002R/A3002RU HTTP POST Request formMapDelDevice command injection

A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr lead...

CVE-2025-4729

Totolink A3002R/A3002RU (v3.0.0-B20230809.1615) are affected by a command-injection vulnerability in the HTTP POST handler for the /boafrm/formMapDelDevice endpoint. Exploitation centers on tampering with the macstr parameter, with remote access and disclosure of the exploit noted. The PT-2025-21...

PT-2025-21589 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R and A3002RU version 3.0.0-B20230809.1615 Description: A critical issue was found in the HTTP POST Request Handler component, specifically affecting unknown code of the file /boafrm/formFilter. The manipulation of the ip6addr...

PT-2025-21590 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R and A3002RU version 3.0.0-B20230809.1615 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of TOTOLINK A3002R and A3002RU. This issue affects some unknown processing of the file...