A3002r Firmware@4.0.0-b20230531.1404 Security Vulnerabilities and Issues — A3002r Firmware@4.0.0-b20230531.1404 CVE List

Lucene search

TotolinkA3002r Firmware4.0.0-b20230531.1404

13 matches found

CVE•added 2025/03/28 10:15 p.m.•52 views

CVE-2025-25579

TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr.

9.8CVSS7.5AI score0.10129EPSS

CVE•added 2025/05/13 7:15 p.m.•34 views

CVE-2025-45861

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 interface.

9.8CVSS8AI score0.00125EPSS

CVE•added 2025/05/13 8:15 p.m.•34 views

CVE-2025-45863

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the macstr parameter in the formMapDelDevice interface.

9.8CVSS7.9AI score0.00125EPSS

CVE•added 2025/05/13 3:15 p.m.•33 views

CVE-2025-45864

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolStart parameter in the formDhcpv6s interface.

5.4CVSS7.9AI score0.00047EPSS

CVE•added 2025/05/13 7:15 p.m.•33 views

CVE-2025-45865

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the dnsaddr parameter in the formDhcpv6s interface.

9.8CVSS8AI score0.00125EPSS

CVE•added 2025/05/13 3:15 p.m.•33 views

CVE-2025-45866

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolEnd parameter in the formDhcpv6s interface.

5.4CVSS7.9AI score0.00034EPSS

CVE•added 2025/05/13 3:15 p.m.•29 views

CVE-2025-45859

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the bandstr parameter in the formMapDelDevice interface.

5.4CVSS8AI score0.00047EPSS

CVE•added 2025/05/13 4:15 p.m.•26 views

CVE-2025-45858

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability via the FUN_00459fdc function.

9.8CVSS8AI score0.08791EPSS

CVE•added 2025/05/13 3:15 p.m.•26 views

CVE-2025-45867

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the static_dns1 parameter in the formIpv6Setup interface.

5.4CVSS8AI score0.00047EPSS

CVE•added 2025/05/20 2:15 p.m.•22 views

CVE-2025-45862

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the interfacenameds parameter in the formDhcpv6s interface.

6.5CVSS7.5AI score0.00077EPSS

CVE•added 2025/06/17 6:15 a.m.•19 views

CVE-2025-6164

A vulnerability was found in TOTOLINK A3002R 4.0.0-B20230531.1404. It has been classified as critical. This affects an unknown part of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to ini...

9CVSS8.9AI score0.00192EPSS

CVE•added 2025/06/17 1:15 a.m.•12 views

CVE-2025-6149

A vulnerability classified as critical has been found in TOTOLINK A3002R 4.0.0-B20230531.1404. Affected is an unknown function of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch th...

9CVSS9AI score0.00192EPSS

CVE•added 2025/06/21 1:15 a.m.•8 views

CVE-2025-6393

A vulnerability was found in TOTOLINK A702R, A3002R, A3002RU and EX1200T 3.0.0-B20230809.1615/4.0.0-B20230531.1404/4.0.0-B20230721.1521/4.1.2cu.5232_B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request Han...

9CVSS9AI score0.00463EPSS