{"id":7088,"date":"2025-06-20T11:44:47","date_gmt":"2025-06-20T11:44:47","guid":{"rendered":"http:\/\/localhost\/?p=7088"},"modified":"2025-06-20T11:44:47","modified_gmt":"2025-06-20T11:44:47","slug":"totolink-a3002ra3002ru-http-post-request-formtmultiap-buffer-overflow","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7088","title":{"rendered":"TOTOLINK A3002R\/A3002RU HTTP POST Request formTmultiAP buffer overflow"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nTOTOLINK A3002R\/A3002RU HTTP POST Request formTmultiAP buffer overflow<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-20T12:00:18.533Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nTOTOLINK<\/td>\n<\/tr>\n
Product<\/th>\nA3002R<\/td>\n<\/tr>\n
Version<\/th>\n3.0.0-B20230809.1615<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n8.7 (HIGH)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:H\/VI:H\/VA:H\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA critical buffer overflow vulnerability in TOTOLINK A3002R and A3002RU routers allows remote attackers to exploit the HTTP POST request handler. This vulnerability can lead to system crashes or code execution. It affects multiple firmware versions and has a public exploit available.<\/td>\n<\/tr>\n
AI Severity<\/th>\nCritical<\/td>\n<\/tr>\n
Vendor<\/th>\nTOTOLINK<\/td>\n<\/tr>\n
Product<\/th>\nTOTOLINK A3002R, A3002RU<\/td>\n<\/tr>\n
Affected Version<\/th>\n3.0.0-B20230809.1615, 4.0.0-B20230531.1404<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n