1840 matches found
CVE-2025-4732 TOTOLINK A3002R/A3002RU HTTP POST Request formFilter buffer overflow
A vulnerability classified as critical was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr leads to buffer overflow. The attack ca...
CVE-2025-4732 TOTOLINK A3002R/A3002RU HTTP POST Request formFilter buffer overflow
A vulnerability classified as critical was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr leads to buffer overflow. The attack ca...
CVE-2025-4732
CVE-2025-4732 affects TOTOLINK A3002R/A3002RU running 3.0.0-B20230809.1615. The issue resides in the HTTP POST Request Handler, specifically the /boafrm/formFilter path, where manipulation of the ip6addr argument triggers a buffer overflow. This can be exploited remotely, and public disclosures e...
CVE-2025-4731
A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype/ipsubnet leads to buffer overflow. It is...
CVE-2025-4729
A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr lead...
CVE-2025-4730
A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer...
CVE-2025-4731 TOTOLINK A3002R/A3002RU HTTP POST Request formPortFw buffer overflow
A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype/ipsubnet leads to buffer overflow. It is...
CVE-2025-4731 TOTOLINK A3002R/A3002RU HTTP POST Request formPortFw buffer overflow
A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype/ipsubnet leads to buffer overflow. It is...
CVE-2025-4731
Summary: CVE-2025-4731 affects TOTOLINK A3002R and A3002RU running 3.0.0-B20230809.1615. The vulnerability lies in the HTTP POST Request Handler, specifically the /boafrm/formPortFw file, where manipulating the argument commonly labeled as either service_type or ip_subnet leads to a buffer overfl...
CVE-2025-4730 TOTOLINK A3002R/A3002RU HTTP POST Request formMapDel buffer overflow
A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer...
CVE-2025-4730 TOTOLINK A3002R/A3002RU HTTP POST Request formMapDel buffer overflow
A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer...
CVE-2025-4730
TOTOLINK A3002R/A3002RU (version 3.0.0-B20230809.1615) is affected by a buffer overflow in the HTTP POST Request Handler, specifically in the /boafrm/formMapDel function when the devicemac1 argument is manipulated. The vulnerability can be exploited remotely and is described as critical in multip...
CVE-2025-4729
Totolink A3002R/A3002RU (v3.0.0-B20230809.1615) are affected by a command-injection vulnerability in the HTTP POST handler for the /boafrm/formMapDelDevice endpoint. Exploitation centers on tampering with the macstr parameter, with remote access and disclosure of the exploit noted. The PT-2025-21...
CVE-2025-4729 TOTOLINK A3002R/A3002RU HTTP POST Request formMapDelDevice command injection
A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr lead...
PT-2025-21589 · Totolink · Totolink A3002Ru
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R and A3002RU version 3.0.0-B20230809.1615 Description: A critical issue was found in the HTTP POST Request Handler component, specifically affecting unknown code of the file /boafrm/formFilter. The manipulation of the ip6addr...
PT-2025-21586 · Totolink · Totolink A3002Ru
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R and A3002RU version 3.0.0-B20230809.1615 Description: A critical issue affects an unknown functionality of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr...
PT-2025-21588 · Totolink · Totolink A3002Ru
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R and A3002RU version 3.0.0-B20230809.1615 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of TOTOLINK A3002R and A3002RU. This affects an unknown part of the file...
CVE-2025-3659
Improper authentication handling was identified in a set of HTTP POST requests affecting the following product families: Digi PortServer TS - prior to and including 82000747AA, build date 06/17/2022 Digi One SP/Digi One SP IA/Digi One IA - prior to and including 82000774Z, build date 10/19/2020...
PT-2025-22309 · Linksys · Linksys Fgw3000-Hk +1
Name of the Vulnerable Software and Affected Versions: Linksys FGW3000-AH and FGW3000-HK versions up to 1.0.17.000000 Description: A critical issue was found, affecting the function sub 4153FC of the file /cgi-bin/sysconf.cgi in the HTTP POST Request Handler component. The manipulation of the...
PT-2025-22310 · Linksys · Linksys Fgw3000-Hk +1
Name of the Vulnerable Software and Affected Versions: Linksys FGW3000-AH and FGW3000-HK versions up to 1.0.17.000000 Description: A critical issue affects the control panel sw function of the /cgi-bin/sysconf.cgi file in the HTTP POST Request Handler component. The manipulation of the filename...