CVE-2025-15139

A vulnerability has been found in TRENDnet TEW-822DRE 1.00B21/1.01B06. This affects the function sub43ACF4 of the file /boafrm/formWsc. Such manipulation of the argument peerPin leads to command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may b...

CVE-2025-15139 TRENDnet TEW-822DRE formWsc sub_43ACF4  command injection

A vulnerability has been found in TRENDnet TEW-822DRE 1.00B21/1.01B06. This affects the function sub43ACF4 of the file /boafrm/formWsc. Such manipulation of the argument peerPin leads to command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may b...

CVE-2025-15139

TRENDnet TEW-822DRE routers (versions 1.00B21 and 1.01B06) are affected by a command-injection vulnerability in the sub_43ACF4 function of /boafrm/formWsc, caused by manipulation of the peerPin argument. This allows remote code execution and has been publicly disclosed; exploitation is possible w...

CVE-2025-15139 TRENDnet TEW-822DRE formWsc sub_43ACF4  command injection

A vulnerability has been found in TRENDnet TEW-822DRE 1.00B21/1.01B06. This affects the function sub43ACF4 of the file /boafrm/formWsc. Such manipulation of the argument peerPin leads to command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may b...

The vulnerability of the built-in web server boa (/boa/formWSC) in TOTOLINK N150RT router’s microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the built-in web server boa /boa/formWSC of TOTOLINK N150RT routers is related to the failure to take measures to neutralize special elements used in the operating system’s commands when processing the targetAPSsid parameter. Exploiting this vulnerability allows a remote...

CVE-2025-5910

A vulnerability has been found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWsc of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can b...

The vulnerability of the /boafrm/formWsc file in the HTTP POST Request Handler of the microprogramming software for TOTOLINK routers, models A702R, A3002R, and A3002RU, allows a perpetrator to execute arbitrary code.

The vulnerability of the /boafrm/formWsc file in the HTTP POST Request Handler of the microprogramming software for TOTOLINK A702R, A3002R, and A3002RU routers is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker who...

TOTOLINK A720R、TOTOLINK A3002R和TOTOLINK A3002RU 安全漏洞

TOTOLINK A3002RU and others are products of China Gion Electronics TOTOLINK.TOTOLINK A3002RU is a wireless router product.TOTOLINK A720R is a wireless router.TOTOLINK A3002R is a wireless router.TOTOLINK A3002R is a wireless router. A security vulnerability exists in the TOTOLINK A720R, TOTOLINK...

The vulnerability of the /boafrm/formWsc file in the microprogramming software of TOTOLINK N150RT allows a perpetrator to execute arbitrary code.

The vulnerability of the /boafrm/formWsc file of TOTOLINK N150RT microprogrammed software devices is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2025-3993

TOTOLINK N150RT 3.4.0-B20190525 is affected by a buffer overflow in the /boafrm/formWsc handler when the submit-url parameter is manipulated. The issue can be triggered remotely and impacts confidentiality, integrity, and availability (high). Root cause: improper handling of the submit-url argume...

The vulnerability of the formWsc function in the microprogramming software of the Totolink A3002R router allows a intruder to execute arbitrary code.

The vulnerability of the formWsc function in the Totolink A3002R router’s microprogramming software relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted request...

CVE-2024-54907

TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via formWsc...

TOTOLINK A3002R 安全漏洞

The TOTOLINK A3002R is a wireless dual-band Gigabit router. A remote code injection vulnerability exists in the TOTOLINK A3002R. The vulnerability is due to the ability to execute remote code in /bin/boa via formWsc in the affected version. An attacker can exploit this vulnerability to remotely...