TOTOLINK A702R
0 remedies
cpe:2.3:h:totolink:a702r:*:*:*:*:*:*:*, +1 more
0 remedies
- 3.0.0-B20230809.1615
TOTOLINK A702R, A3002R and A3002RU Buffer Overflow Vulnerability
Vulnerability
A critical buffer overflow vulnerability has been identified in TOTOLINK A702R, A3002R, and A3002RU routers running version 3.0.0-B20230809.1615. The vulnerability resides in the HTTP POST request handler, specifically within the 'submit-url' function of the '/boafrm/formReflashClientTbl' file. This issue allows for remote exploitation, potentially leading to a denial-of-service condition.
Impact
Exploitation of this vulnerability causes a buffer overflow, which can commonly lead to arbitrary code execution or a denial-of-service condition.
Reproduction
The vulnerability can be reproduced by sending an HTTP POST request to the '/boafrm/formReflashClientTbl' endpoint with a payload that triggers the buffer overflow. This can be done using a variety of tools that allow for crafting and sending HTTP requests, such as curl, Postman, or custom scripts.
Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
2.5exploitability
6.2remediation
0.0relevance
0.0threat
6.4urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.