260 matches found
CVE-2025-5506
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of the component NAT Mapping Page. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2025-5506
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of the component NAT Mapping Page. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2025-5506
The CVE-2025-5506 entry affects TOTOLINK A3002RU (firmware 2.1.1-B20230720.1011) in the NAT Mapping Page component. The vulnerability stems from manipulation of the Comment parameter, enabling cross-site scripting (XSS). It is exploitable remotely and reportedly had an exploit disclosed publicly....
CVE-2025-5506 TOTOLINK A3002RU NAT Mapping Page cross site scripting
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of the component NAT Mapping Page. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2025-5506 TOTOLINK A3002RU NAT Mapping Page cross site scripting
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of the component NAT Mapping Page. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2025-5505 TOTOLINK A3002RU Virtual Server Page formPortFw cross site scripting
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011 and classified as problematic. This issue affects some unknown processing of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument servicetype leads to cross site scripting. The attack...
CVE-2025-5505 TOTOLINK A3002RU Virtual Server Page formPortFw cross site scripting
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011 and classified as problematic. This issue affects some unknown processing of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument servicetype leads to cross site scripting. The attack...
CVE-2025-5505
Summary : CVE-2025-5505 affects TOTOLINK A3002RU (v2.1.1-B20230720.1011). The vulnerability lies in the Virtual Server Page’s /boafrm/formPortFw handling, where manipulation of the service_type argument enables cross-site scripting. It can potentially be exploited remotely. Public disclosure exis...
TOTOLINK A3002RU 安全漏洞
TOTOLINK A3002RU is a wireless router product from China's Gion Electronics TOTOLINK. A cross-site scripting vulnerability exists in the TOTOLINK A3002RU, which stems from the lack of effective filtering and escaping of user-supplied data by the IP Port Filtering Page component parameter Comment,...
TOTOLINK A3002RU 代码注入漏洞
TOTOLINK A3002RU is a wireless router product from China's Gion Electronics TOTOLINK. A cross-site scripting vulnerability exists in the TOTOLINK A3002RU, which stems from the lack of effective filtering and escaping of user-supplied data by the Virtual Server Page component parameter servicetype...
TOTOLINK A3002RU 代码注入漏洞
TOTOLINK A3002RU is a wireless router product from China's Gion Electronics TOTOLINK. The TOTOLINK A3002RU suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the NAT Mapping Page component parameter Comment, for...
TOTOLINK A3002RU 代码注入漏洞
TOTOLINK A3002RU is a wireless router product from China's Gion Electronics TOTOLINK. A cross-site scripting vulnerability exists in the TOTOLINK A3002RU, which stems from the lack of effective filtering and escaping of user-supplied data by the MAC Filtering Page component parameter Comment, for...
PT-2025-23638 · Totolink · Totolink A3002Ru
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002RU version 2.1.1-B20230720.1011 Description: The issue is related to the IP/Port Filtering module of the TOTOLINK A3002RU router's firmware, where the Comment parameter is not properly protected, leading to cross-site scripting...
PT-2025-23637 · Totolink · Totolink A3002Ru
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002RU version 2.1.1-B20230720.1011 Description: A vulnerability was found in the MAC Filtering Page component of the affected software. The issue arises from the manipulation of the Comment argument, leading to cross-site scripting...
PT-2025-23633 · Totolink · Totolink A3002Ru
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002RU version 2.1.1-B20230720.1011 Description: A vulnerability was found in the NAT Mapping Page component of the affected software. The issue is related to the manipulation of the Comment argument, which leads to cross-site...
PT-2025-23632 · Totolink · Totolink A3002Ru
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002RU version 2.1.1-B20230720.1011 Description: A vulnerability was found in the Virtual Server Page component, specifically affecting the processing of the file /boafrm/formPortFw. The manipulation of the service type argument lea...
CVE-2023-48859
TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows attackers to bypass front-end security restrictions and execute arbitrary code...
TOTOLINK A3002R and A3002RU Command Injection Vulnerability
The TOTOLINK A3002R and A3002RU are routers from TOTOLINK that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU are vulnerable to a command injection vulnerability that originates from misuse of the /boafrm/formMapDelDevice file of the HTTP POST request...
TOTOLINK A3002R/A3002RU Buffer Overflow Vulnerability
TOTOLINK A3002R and A3002RU are wireless router products under the TOTOLINK brand that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU are vulnerable to a buffer overflow vulnerability that originates in the /boafrm/formMapDel file in the HTTP POST request...
CVE-2025-4733
A vulnerability, which was classified as critical, has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow...