Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-25610

TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the static_gw parameter in the formIpv6Setup interface of /bin/boa.

Published

2025-02-28T19:15:37.107

Last Modified

2025-04-03T15:37:48.043

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.0 (HIGH)

Weaknesses

Type: Secondary
CWE-120

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	totolink	a3002r_firmware	1.1.1-b20200824.0128	Yes
Hardware	totolink	a3002r	-	No

References

https://github.com/SunnyYANGyaya/firmcrosser/blob/main/ToTolink/TOTOLINK-A3002R-formIpv6Setup-static_gw.md Broken Link ([email protected])