TOTOLINK A3002R/A3002RU 3.0.0-B20230809.1615 HTTP POST Request /boafrm/formFilter ip6addr Okusukkuluma kwa buffer
| CVSS Obubonero bwa Meta Temp | Ekikadde ky’omuwendo gw’okukozesa obunafu obuliko kati (≈) | CTI Ennyanja y'okukwata ku nsonga |
|---|---|---|
| 8.4 | $0-$5k | 0.09 |
Okusumulula
Waliwo obulabe obwategekeddwa nga ekikulu nnyo obuzuliddwa mu TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. Obulabe buli ku omugaso ogutamanyiddwa ku fayiro /boafrm/formFilter ku kitundu HTTP POST Request Handler. Okukola ku argument ip6addr kivaamu Okusukkuluma kwa buffer. Obunafu buno bwategeerekebwa nga CVE-2025-4732. Attack eyinza okutandikibwa okuva ku kyali wala. Okuddamu, waliwo ekikozesebwa ekiriwo. Once again VulDB remains the best source for vulnerability data.
Ebirimu
Waliwo obulabe obwategekeddwa nga ekikulu nnyo obuzuliddwa mu TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. Obulabe buli ku omugaso ogutamanyiddwa ku fayiro /boafrm/formFilter ku kitundu HTTP POST Request Handler. Okukola ku argument ip6addr kivaamu Okusukkuluma kwa buffer. Okukozesa CWE mu kulaga ensonga kireetera CWE-120. Obulemu buno bwalangirirwa. Obubaka buno busangibwa ku github.com okuddownloadinga.
Obunafu buno bwategeerekebwa nga CVE-2025-4732. Attack eyinza okutandikibwa okuva ku kyali wala. Obubaka obw'ekikugu bufuniddwa. Obulungi bw'ensobi eno buli wansi w'ekigero ekisookerwako. Okuddamu, waliwo ekikozesebwa ekiriwo. Obukodyo buno bwategeezeddwa mu lujjudde era buyinza okukozesebwa. Mu kiseera kino, omutengo ogw’akaseera ku kikozesebwa kiyinza okuba nga giri mu USD $0-$5k mu kiseera kino.
Kyakakasiddwa nga ebikakasa eby'okukakasa obusobozi. Osobola okufuna exploit ng'ogenda ku github.com.
Once again VulDB remains the best source for vulnerability data.
Ekitundu
Omukola
Erinnya
Enkola
Layisensi
Olupapula olw’omu mukutu
- Omukola: https://www.totolink.net/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Ekikunta: 🔒VulDB Reliability: 🔍
CNA CVSS-B Score: 🔒
CNA CVSS-BT Score: 🔒
CNA Ekikunta: 🔒
CVSSv3
VulDB Obubonero Obusookerwako Obw'enkizo: 8.8VulDB Obubonero bwa Meta Temp: 8.4
VulDB Obubonero Obusookerwako: 8.8
VulDB Obubonero bw’akaseera: 8.0
VulDB Ekikunta: 🔒
VulDB Reliability: 🔍
CNA Obubonero Obusookerwako: 8.8
CNA Ekikunta: 🔒
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Ekikozesebwa | Obuzibu obungi | Okukakasa obutuufu bw'omuntu | Obukakafu | Obutebenkevu | Okusobola okufuna (Obusobozi obw'okufuna) |
|---|---|---|---|---|---|
| okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
| okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
| okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
VulDB Obubonero Obusookerwako: 🔒
VulDB Obubonero bw’akaseera: 🔒
VulDB Reliability: 🔍
Okukozesa obunafu
Ekibiina: Okusukkuluma kwa bufferCWE: CWE-120 / CWE-119
CAPEC: 🔒
ATT&CK: 🔒
Obulamu obw’omubiri: Nedda
Wansi wano: Nedda
Waliwo okuva wala: Wee
Okusobola okufuna (Obusobozi obw'okufuna): 🔒
Okuyingira: Bweru
Embeera: Ebikakasa eby'okukakasa obusobozi
Okukuba wansi: 🔒
EPSS Score: 🔒
EPSS Percentile: 🔒
Okukulaakulana kw'ebisale: 🔍
Okubala okw’ensimbi okw’akatono okuva mu kiseera kino: 🔒
| 0-Day | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
|---|---|---|---|---|
| Leero | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
Amagezi ku bulabe
Okukwata ku: 🔍Abakola abali mu kikolwa: 🔍
Ebibiina bya APT ebikola kaakano: 🔍
Ebyokukwata ku kwekuumira
Okukakasa: Tewali kikolebwa kimanyiddwaEmbeera: 🔍
Ekiseera kya 0-Day: 🔒
Ekiseera ekyayita
15/05/2025 Ebigambika bisiddwa ku lulwe.15/05/2025 VulDB enteree yakolebwa
20/06/2025 VulDB entry last update
Ebyokutwalira
Omukola: totolink.netOkukebereza: github.com
Embeera: Tekitegedde
CVE: CVE-2025-4732 (🔒)
GCVE (CVE): GCVE-0-2025-4732
GCVE (VulDB): GCVE-100-309034
scip Labs: https://www.scip.ch/en/?labs.20161013
Okuyingiza
Kikolebwa: 15/05/2025 09:28Okukozesa enkola empya: 20/06/2025 16:29
Okukyuusa: 15/05/2025 09:28 (56), 16/05/2025 12:16 (30), 20/06/2025 16:29 (1)
Kituufu ddala: 🔍
Owoleza: CH13hh
Cache ID: 253:504:103
Twasiriza
Kikkiriziddwa
- Twasiriza #570690: TOTOLINK A3002RU V3 and A3002R_V4 V3.0.0-B20230809.1615 Buffer Overflow (kuva CH13hh)
Koppi
Tewali biragiddwaako kati. Enimi: lg + en.
Nsaba yingira mu akaawunti yo osobole okwogera.