A3002RU
by Totolink
CVEs (91)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-45863 | 0.00 | — | 0.01 | May 13, 2025 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the macstr parameter in the formMapDelDevice interface. | |||
| CVE-2025-45866 | 0.00 | — | 0.00 | May 13, 2025 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolEnd parameter in the formDhcpv6s interface. | |||
| CVE-2025-45859 | 0.00 | — | 0.04 | May 13, 2025 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the bandstr parameter in the formMapDelDevice interface. | |||
| CVE-2025-45861 | 0.00 | — | 0.01 | May 13, 2025 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 interface. | |||
| CVE-2025-25610 | 0.00 | — | 0.00 | Feb 28, 2025 | TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the static_gw parameter in the formIpv6Setup interface of /bin/boa. | |||
| CVE-2025-25635 | 0.00 | — | 0.00 | Feb 28, 2025 | TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the pppoe_dns1 parameter in the formIpv6Setup interface of /bin/boa. | |||
| CVE-2025-25609 | 0.00 | — | 0.00 | Feb 28, 2025 | TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the static_ipv6 parameter in the formIpv6Setup interface of /bin/boa | |||
| CVE-2024-54907 | 0.00 | — | 0.01 | Dec 26, 2024 | TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via formWsc. | |||
| CVE-2024-34198 | 0.00 | — | 0.01 | Aug 28, 2024 | TOTOLINK AC1200 Wireless Router A3002RU V2.1.1-B20230720.1011 is vulnerable to Buffer Overflow. The formWlEncrypt CGI handler in the boa program fails to limit the length of the wlan_ssid field from user input. This allows attackers to craft malicious HTTP requests by supplying… | |||
| CVE-2024-42520 | 0.00 | — | 0.01 | Aug 12, 2024 | TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability in /bin/boa via formParentControl. | |||
| CVE-2024-34196 | 0.00 | — | 0.01 | May 8, 2024 | Totolink AC1200 Wireless Dual Band Gigabit Router A3002RU_V3 Firmware V3.0.0-B20230809.1615 is vulnerable to Buffer Overflow. The "boa" program allows attackers to modify the value of the "vwlan_idx" field via "formMultiAP". This can lead to a stack overflow through the… |
- CVE-2025-45863May 13, 2025risk 0.00cvss —epss 0.01
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the macstr parameter in the formMapDelDevice interface.
- CVE-2025-45866May 13, 2025risk 0.00cvss —epss 0.00
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolEnd parameter in the formDhcpv6s interface.
- CVE-2025-45859May 13, 2025risk 0.00cvss —epss 0.04
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the bandstr parameter in the formMapDelDevice interface.
- CVE-2025-45861May 13, 2025risk 0.00cvss —epss 0.01
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 interface.
- CVE-2025-25610Feb 28, 2025risk 0.00cvss —epss 0.00
TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the static_gw parameter in the formIpv6Setup interface of /bin/boa.
- CVE-2025-25635Feb 28, 2025risk 0.00cvss —epss 0.00
TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the pppoe_dns1 parameter in the formIpv6Setup interface of /bin/boa.
- CVE-2025-25609Feb 28, 2025risk 0.00cvss —epss 0.00
TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the static_ipv6 parameter in the formIpv6Setup interface of /bin/boa
- CVE-2024-54907Dec 26, 2024risk 0.00cvss —epss 0.01
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via formWsc.
- CVE-2024-34198Aug 28, 2024risk 0.00cvss —epss 0.01
TOTOLINK AC1200 Wireless Router A3002RU V2.1.1-B20230720.1011 is vulnerable to Buffer Overflow. The formWlEncrypt CGI handler in the boa program fails to limit the length of the wlan_ssid field from user input. This allows attackers to craft malicious HTTP requests by supplying…
- CVE-2024-42520Aug 12, 2024risk 0.00cvss —epss 0.01
TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability in /bin/boa via formParentControl.
- CVE-2024-34196May 8, 2024risk 0.00cvss —epss 0.01
Totolink AC1200 Wireless Dual Band Gigabit Router A3002RU_V3 Firmware V3.0.0-B20230809.1615 is vulnerable to Buffer Overflow. The "boa" program allows attackers to modify the value of the "vwlan_idx" field via "formMultiAP". This can lead to a stack overflow through the…
Page 5 of 5