6 matches found
CVE-2025-25579
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr...
CVE-2025-25579
creationtimestamp| type| source ---|---|--- 2025-03-28 22:28:28+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9489 2025-03-29 00:26:51+00:00| seen| https://t.me/cvedetector/21476 2025-03-31 19:48:22+00:00| seen|...
CVE-2025-25579
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr...
CVE-2025-25579
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr...
CVE-2025-25579
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr...
CVE-2025-25579
TOTOLINK A3002R (V4.0.0-B20230531.1404) is affected by a Command Injection in the /bin/boa executable via the bandstr parameter. The root cause is the failure to properly filter command characters in bandstr, enabling arbitrary command execution. CVSS v3.1 base score is 9.8 (CRITICAL) with networ...