CVE-2025-25579

Critical CVSS: 9.8

TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr.

Vendor

Product

CWE

Yayın Tarihi

2025-03-28 22:15:17

Güncelleme

2025-04-07 14:23:36

Source Identifier

cve@mitre.org

KEV Date Added

CWE-78 A3002r Firmware CRITICAL Totolink 2025

https://gist.github.com/regainer27/0abf6f56eae3fa2826d2551e22c2ace3 https://github.com/regainer27/totolink_A3002R_remote_command_exec https://github.com/regainer27/totolink_A3002R_remote_command_exec

Critical

CVE-2026-31027

TOTOlink A3600R v5.9c.4959 contains a buffer overflow vulnerability in the setAppEasyWizardConfig interface of /lib/cste…

Medium

CVE-2026-5178

A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_b20221024. Affected by this issue is the func…

Medium

CVE-2026-5177

A weakness has been identified in Totolink A3300R 17.0.0cu.557_b20221024. Affected by this vulnerability is the function…

Medium

CVE-2026-5176

A security flaw has been discovered in Totolink A3300R 17.0.0cu.557_b20221024. Affected is the function setSyslogCfg of…

Medium

CVE-2026-5105

A vulnerability was detected in Totolink A3300R 17.0.0cu.557_b20221024. The affected element is the function setVpnPassC…

Medium

CVE-2026-5104

A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_b20221024. Impacted is the function setStatic…