Shodan
Vulnerabilities
Vulnerable Software
Totolink:  >> A3002r Firmware  >> 4.0.0-b20230531.1404  Security Vulnerabilities
CVE-2025-6164
A vulnerability was found in TOTOLINK A3002R 4.0.0-B20230531.1404. It has been classified as critical. This affects an unknown part of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.002
Published
2025-06-17
CVE-2025-6149
A vulnerability classified as critical has been found in TOTOLINK A3002R 4.0.0-B20230531.1404. Affected is an unknown function of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.002
Published
2025-06-17
CVE-2025-45862
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the interfacenameds parameter in the formDhcpv6s interface.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-05-20
CVE-2025-45863
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the macstr parameter in the formMapDelDevice interface.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-05-13
CVE-2025-45861
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 interface.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-05-13
CVE-2025-45865
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the dnsaddr parameter in the formDhcpv6s interface.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-05-13
CVE-2025-45858
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability via the FUN_00459fdc function.
CVSS Score
9.8
EPSS Score
0.099
Published
2025-05-13
CVE-2025-45859
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the bandstr parameter in the formMapDelDevice interface.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-05-13
CVE-2025-45864
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolStart parameter in the formDhcpv6s interface.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-05-13
CVE-2025-45866
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolEnd parameter in the formDhcpv6s interface.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-05-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved