CVE-2025-55589
Severity
6.5MEDIUM
EPSS
4.1%
top 11.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 18
Description
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain multiple OS command injection vulnerabilities via the macstr, bandstr, and clientoff parameters at /boafrm/formMapDelDevice.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5