TOTOLINK A702R
0 remedies
cpe:2.3:h:totolink:a702r:*:*:*:*:*:*:*, +1 more
0 remedies
- 3.0.0-B20230809.1615
- 4.0.0-B20230531.1404
- 4.0.0-B20230721.1521
- 4.1.2cu.5232_B20210713
TOTOLINK A702R, A3002R, A3002RU and EX1200T Buffer Overflow Vulnerability via HTTP POST Request
Vulnerability
A critical buffer overflow vulnerability has been identified in TOTOLINK A702R, A3002R, A3002RU, and EX1200T routers running specific firmware versions. The vulnerability arises in an unknown function of the file '/boafrm/formIPv6Addr' within the HTTP POST request handler. Manipulating the 'submit-url' argument can trigger the buffer overflow, potentially leading to a denial-of-service condition. This vulnerability can be exploited remotely, and details of the exploit are publicly available.
Impact
Exploitation of this vulnerability causes a buffer overflow, which can lead to arbitrary code execution or a denial-of-service condition.
Reproduction
To reproduce this vulnerability, send a malicious HTTP POST request to the '/boafrm/formIPv6Addr' endpoint, including a crafted 'submit-url' argument that exploits the buffer overflow condition.
Added: Jun 21, 2025, 1:18 AM
Updated: Jun 21, 2025, 1:18 AM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
2.5exploitability
9.1remediation
0.0relevance
0.2threat
6.5urgency
2.9incentive
9.2Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.