CVE-2025-4731
published 2025-05-16CVE-2025-4731: A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file…
high8.7CVSS 4.0
AVNACLATNPRLUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type/ip_subnet leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| totolink | a3002r | — | — |
| totolink | a3002r_firmware | — | — |
| totolink | a3002ru | — | — |
| totolink | a3002ru_firmware | — | — |