Totolink A3002r
61 CVEs affecting Totolink A3002r. Latest disclosed: 2025-08-18. Critical: 10, High: 33.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-55591 | Critical | 9.8 | 2025-08-18 | TOTOLINK-A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability in the devicemac parameter in the formMapDel endpoint. |
CVE-2025-45863 | Critical | 9.8 | 2025-05-13 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the macstr parameter in the formMapDelDevice interface. |
CVE-2025-45865 | Critical | 9.8 | 2025-05-13 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the dnsaddr parameter in the formDhcpv6s interface. |
CVE-2025-45861 | Critical | 9.8 | 2025-05-13 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 interface. |
CVE-2025-45858 | Critical | 9.8 | 2025-05-13 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability via the FUN_00459fdc function. |
CVE-2025-25579 | Critical | 9.8 | 2025-03-28 | TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr. |
CVE-2024-34195 | Critical | 9.8 | 2024-08-28 | TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncr… |
CVE-2024-42520 | Critical | 9.8 | 2024-08-12 | TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability in /bin/boa via formParentControl. |
CVE-2022-40111 | Critical | 9.8 | 2022-09-06 | In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is hardcoded in the firmware. |
CVE-2022-40109 | Critical | 9.8 | 2022-09-06 | TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Insecure Permissions via binary /bin/boa. |
CVE-2025-6487 | High | 8.8 | 2025-06-22 | A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been rated as critical. This issue affects the function formRoute of the file /boafrm… |
CVE-2025-6486 | High | 8.8 | 2025-06-22 | A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been declared as critical. This vulnerability affects the function formWlanMultipleAP… |
CVE-2025-6393 | High | 8.8 | 2025-06-21 | A vulnerability was found in TOTOLINK A702R, A3002R, A3002RU and EX1200T 3.0.0-B20230809.1615/4.0.0-B20230531.1404/4.0.0-B20230721.1521/4.1.2cu.5232_B20210713… |
CVE-2025-6337 | High | 8.8 | 2025-06-20 | A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615/4.0.0-B20230531.1404. It has been declared as critical. Affected by this vulnerab… |
CVE-2025-6164 | High | 8.8 | 2025-06-17 | A vulnerability was found in TOTOLINK A3002R 4.0.0-B20230531.1404. It has been classified as critical. This affects an unknown part of the file /boafrm/formMul… |
CVE-2025-6149 | High | 8.8 | 2025-06-17 | A vulnerability classified as critical has been found in TOTOLINK A3002R 4.0.0-B20230531.1404. Affected is an unknown function of the file /boafrm/formSysLog o… |
CVE-2025-4835 | High | 8.8 | 2025-05-17 | A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an un… |
CVE-2025-4834 | High | 8.8 | 2025-05-17 | A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been classified as critical. Affected is an unknown function of th… |
CVE-2025-4833 | High | 8.8 | 2025-05-17 | A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This issue affects some unknown processing of… |
CVE-2025-4832 | High | 8.8 | 2025-05-17 | A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnerability affects unknown code o… |