35 matches found
EUVD-2024-20066
Malicious code in bioql PyPI...
EUVD-2025-8669
Malicious code in bioql PyPI...
EUVD-2022-43431
Malicious code in bioql PyPI...
CVE-2022-40110
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Buffer Overflow via /bin/boa...
CVE-2025-25579
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr...
CVE-2025-25579
TOTOLINK A3002R (V4.0.0-B20230531.1404) is affected by a Command Injection in the /bin/boa executable via the bandstr parameter. The root cause is the failure to properly filter command characters in bandstr, enabling arbitrary command execution. CVSS v3.1 base score is 9.8 (CRITICAL) with networ...
CVE-2025-25610
TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the staticgw parameter in the formIpv6Setup interface of /bin/boa...
CVE-2025-25609
TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the staticipv6 parameter in the formIpv6Setup interface of /bin/boa...
PT-2025-9131
Name of the Vulnerable Software and Affected Versions: TOTOlink A3002R version V1.1.1-B20200824.0128 Description: The issue arises from a buffer overflow due to improper input validation of the pppoe dns1 parameter in the formIpv6Setup interface of the /bin/boa endpoint. Recommendations: For...
CVE-2024-54907
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via formWsc...
TOTOLINK A3002R security vulnerability
The TOTOLINK A3002R is a wireless dual-band Gigabit router. A remote code injection vulnerability exists in the TOTOLINK A3002R. The vulnerability is due to the ability to execute remote code in /bin/boa via formWsc in the affected version. An attacker can exploit this vulnerability to remotely...
CVE-2024-42520
TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability in /bin/boa via formParentControl...
TOTOLINK A3002R security vulnerability
TOTOLINK A3002R is a wireless dual-band Gigabit router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK A3002R version v4.0.0-B20230531.1404, which originates from formParentControl failing to correctly validate the length and size of the input data in...
CVE-2024-42520
CVE-2024-42520 affects TOTOLINK A3002R (v4.0.0-B20230531.1404). A buffer overflow in /bin/boa via the formParentControl endpoint is the root cause. Reported impacts include remote code execution risk and potential denial of service; CVSS indicates CRITICAL overall impact (C/H/I/A). Some sources n...
CVE-2024-33774
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanSetupWizard allows remote authenticated users to trigger a denial of service (DoS) through the parameter "webpage."...
CVE-2024-33772
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formTcpipSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter "curTime."...
CVE-2024-22529
TOTOLINK X2000R_V2 V2.0.0-B20230727.10434 has a command injection vulnerability in the sub_449040 handle function of formUploadFile of /bin/boa...
CVE-2024-22529
The CVE-2024-22529 entry affects TOTOLINK X2000R_V2 (version 2.0.0-B20230727.10434). A command-injection vulnerability exists in sub_449040 (handle function) of /bin/boa, caused by improper input filtering of constructed command characters. Consequence: arbitrary command execution with high impac...