TOTOLINK N300RT 缓冲区错误漏洞

The TOTOLINK N300RT is a wireless router from TOTOLINK Corporation that complies with the 802.11n standard. The version 3.4.0-B20250430 of the Totolink N300RT has a buffer error vulnerability. This vulnerability stems from a buffer overflow in the entryname parameter of the /boafrm/formIpQoS file...

D-Link DWR-M920 安全漏洞

The D-Link DWR-M920 is a 4GLTE wireless router manufactured by Youxun D-Link. The D-Link DWR-M920 suffers from a buffer overflow vulnerability that stems from the incorrect manipulation of the parameter submit-url in the function sub464794 in the file /boafrm/formDefRoute, for which no detailed...

D-Link DWR-M920 命令注入漏洞

The D-Link DWR-M920 is a 4GLTE wireless router manufactured by Youxun D-Link. The D-Link DWR-M920 suffers from a command injection vulnerability that stems from the incorrect manipulation of the parameter fotaurl in the function sub4155B4 in the file /boafrm/formLtefotaUpgradeFibocom, for which n...

PT-2025-47839

Name of the Vulnerable Software and Affected Versions D-Link DIR-822K versions 1.00 20250513164613 through 1.1.50 D-Link DWR-M920 versions 1.00 20250513164613 through 1.1.50 Description A flaw exists in D-Link DIR-822K and DWR-M920 routers. The issue is related to the manipulation of the submit-u...

VulnCheck KEV: CVE-2024-51228

An issue in TOTOLINK-CX-A3002RU V1.0.4-B20171106.1512 and TOTOLINK-CX-N150RT V2.1.6-B20171121.1002 and TOTOLINK-CX-N300RT V2.1.6-B20170724.1420 and TOTOLINK-CX-N300RT V2.1.8-B20171113.1408 and TOTOLINK-CX-N300RT V2.1.8-B20191010.1107 and TOTOLINK-CX-N302RE V2.0.2-B20170511.1523 allows a remote...

TOTOLINK A702R /boafrm/formIpQoS File Buffer Overflow Vulnerability

TOTOLINK A702R is a wireless router device manufactured by China's Gion Electronics TOTOLINK, mainly used for home network connection and signal coverage. The TOTOLINK A702R suffers from a buffer overflow vulnerability, which originates from the parameter mac in the file /boafrm/formIpQoS failing...

CVE-2025-9780 TOTOLINK A702R formIpQoS sub_419BE0 buffer overflow

A flaw has been found in TOTOLINK A702R 4.0.0-B20211108.1423. Affected by this issue is the function sub419BE0 of the file /boafrm/formIpQoS. This manipulation of the argument mac causes buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...

CVE-2025-55586

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the url parameter at /boafrm/formFilter. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

PT-2025-33689 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R version 4.0.0-B20230531.1404 Description: The TOTOLINK A3002R router firmware contains multiple OS command injection vulnerabilities. These vulnerabilities are located in the /boafrm/formMapDelDevice endpoint and can be...

PT-2025-33688 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R version 4.0.0-B20230531.1404 Description: The TOTOLINK A3002R device contains a buffer overflow in the fw ip parameter at the /boafrm/formPortFw API endpoint. This issue allows attackers to cause a Denial of Service DoS via a...

CVE-2025-8938

A vulnerability was found in TOTOLINK N350R 1.2.3-B20130826. This issue affects the function formSysTel of the file /boafrm/formSysTel of the component Telnet Service. The manipulation of the argument TelEnabled leads to backdoor. The attack may be initiated remotely. The exploit has been disclos...

CVE-2025-8938 TOTOLINK N350R Telnet Service formSysTel backdoor

A vulnerability was found in TOTOLINK N350R 1.2.3-B20130826. This issue affects the function formSysTel of the file /boafrm/formSysTel of the component Telnet Service. The manipulation of the argument TelEnabled leads to backdoor. The attack may be initiated remotely. The exploit has been disclos...

CVE-2025-8937 TOTOLINK N350R formSysCmd command injection

A vulnerability has been found in TOTOLINK N350R 1.2.3-B20130826. This vulnerability affects unknown code of the file /boafrm/formSysCmd. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

TOTOLINK N350R 注入漏洞

The TOTOLINK N350R is a WiFi router from China's Gion Electronics TOTOLINK. The TOTOLINK N350R suffers from an injection vulnerability that originates from a misbehavior in the file /boafrm/formSysCmd, which can be exploited by an attacker to cause an application to crash or behave abnormally by...

TOTOLINK A3002R 安全漏洞

TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3002R suffers from a stack buffer overflow vulnerability, which originates from the parameter subnet in the file /boafrm/formRoute failing to correctly validate the length and size of the input data, which...

CVE-2025-5672

A vulnerability has been found in TOTOLINK N302R Plus up to 3.4.0-B20201028 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument url leads to buffer...

TOTOLINK A720R、TOTOLINK A3002R和TOTOLINK A3002RU 安全漏洞

TOTOLINK A3002RU and others are products of China Gion Electronics TOTOLINK.TOTOLINK A3002RU is a wireless router product.TOTOLINK A720R is a wireless router.TOTOLINK A3002R is a wireless router.TOTOLINK A3002R is a wireless router. A security vulnerability exists in the TOTOLINK A720R, TOTOLINK...

CVE-2025-3987

A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been rated as critical. This issue affects some unknown processing of the file /boafrm/formWsc. The manipulation of the argument localPin leads to command injection. The attack may be initiated remotely. The exploit has been...

PT-2025-18018 · Totolink · Totolink N150Rt

Name of the Vulnerable Software and Affected Versions: TOTOLINK N150RT version 3.4.0-B20190525 Description: A critical issue affects the processing of the file /boafrm/formWsc. The manipulation of the localPin argument leads to command injection. The attack may be initiated remotely...

TOTOLINK多款产品 安全漏洞

TOTOLINK A3002RU and others are products of China's Gion Electronics TOTOLINK.TOTOLINK A3002RU is a wireless router product.TOTOLINK N300RT is a wireless router that complies with the 802.11n standard.TOTOLINK N150RT is a wireless router. A security vulnerability exists in several TOTOLINK...