CVE-2025-4827 | TOTOLINK A702R/A3002R/A3002RU 3.0.0-B20230809.1615 HTTP POST Request /boafrm/formSaveConfig submit-url buffer overflow

Inserito da Angelo Barbosa | Mag 16, 2025 | CVE

A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formSaveConfig of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow.

This vulnerability is traded as CVE-2025-4827. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-4827 | TOTOLINK A702R/A3002R/A3002RU 3.0.0-B20230809.1615 HTTP POST Request /boafrm/formSaveConfig submit-url buffer overflow

Post correlati

CVE-2023-50168 | Pegasystems Pega Platform up to 8.8.4 PDF Generation xml external entity reference

CVE-2023-49192 | Enhanced Text Widget Plugin up to 1.6.2 on WordPress etw_hide_admin_notification_callback authorization

CVE-2024-39605 | Delta Electronics DIAScreen up to 1.4.x BACnetParameter stack-based overflow (icsa-24-312-02)

CVE-2021-47131 | Linux Kernel up to 5.10.42/5.12/5.12.9 TLS tls_device_down use after free (f1d4184f128d/0f1e6fe66977/c55dcdd435aa)