TOTOLINK A702R
0 remedies
cpe:2.3:h:totolink:a702r:*:*:*:*:*:*:*, +1 more
0 remedies
- 3.0.0-B20230809.1615
TOTOLINK A702R, A3002R and A3002RU Buffer Overflow Vulnerability via HTTP POST Request
Vulnerability
A critical buffer overflow vulnerability has been identified in TOTOLINK A702R, A3002R, and A3002RU routers running version 3.0.0-B20230809.1615. The vulnerability arises from an unknown processing issue in the file '/boafrm/formWirelessTbl' within the HTTP POST request handler. Manipulating the 'submit-url' argument can trigger the buffer overflow, potentially leading to a denial-of-service condition. This vulnerability can be exploited remotely, and a public proof-of-concept exploit is available.
Impact
Exploitation of this vulnerability causes a buffer overflow, which can lead to arbitrary code execution or a denial-of-service condition.
Reproduction
To reproduce this vulnerability, send an HTTP POST request to the '/boafrm/formWirelessTbl' endpoint, including a crafted 'submit-url' argument that exploits the buffer overflow condition.
Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
2.5exploitability
6.2remediation
0.0relevance
0.0threat
6.4urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.