Unrated severityNVD Advisory· Published Jun 20, 2025· Updated Jun 23, 2025
TOTOLINK A3002R/A3002RU HTTP POST Request formTmultiAP buffer overflow
CVE-2025-6337
Description
A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615/4.0.0-B20230531.1404. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
7- github.com/awindog/cve/blob/main/688/14.mdmitreexploit
- vuldb.commitrethird-party-advisory
- vuldb.commitrethird-party-advisory
- github.com/awindog/cve/blob/main/688/13.mdmitrerelated
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
- www.totolink.netmitreproduct
News mentions
0No linked articles in our index yet.