TOTOLINK N302R Plus kuze kube 3.4.0-B20201028 HTTP POST Request /boafrm/formPortFw service_type Ukuchichima kwebhafa
Kukhona ubuthakathaka obubizwa ngokuthi kubalulekile kakhulu obutholakele ku TOTOLINK N302R Plus kuze kube 3.4.0-B20201028. Kuthintekile umsebenzi $software_function kufayela /boafrm/formPortFw kwe-component HTTP POST Request Handler. Ukusebenzisa kwepharamitha service_type kuholela ku Ukuchichima kwebhafa. Ukusebenzisa i-CWE ukukhomba inkinga kuholela ku-CWE-120. Ubuthakathaka babikwa 2025-06-04. Isaziso sabelwe ukuthi singalayishwa ku-github.com.
Lokhu buthakathaka kuthengiswa njenge CVE-2025-5671. Kuyenzeka ukuqala ukuhlasela kude. Kukhona imininingwane yezobuchwepheshe etholakalayo. Ngaphezu kwalokho, kukhona i-exploit etholakalayo. Ukuhlaselwa sekudalulwe emphakathini futhi kungasetshenziswa. Okwamanje, intengo yamanje ye-exploit ingaba cishe USD $0-$5k ngalesi sikhathi.
Kuyenzeka ukulanda i-exploit ku-github.com.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
2 Ukulungiswa · 57 Amaphuzu wedatha
| Insimu | Kudalwa 2025-06-04 15:01 | Ukuvuselelwa 1/1 2025-06-06 04:25 |
|---|---|---|
| software_vendor | TOTOLINK | TOTOLINK |
| software_name | N302R Plus | N302R Plus |
| software_version | <=3.4.0-B20201028 | <=3.4.0-B20201028 |
| software_component | HTTP POST Request Handler | HTTP POST Request Handler |
| software_file | /boafrm/formPortFw | /boafrm/formPortFw |
| software_argument | service_type | service_type |
| vulnerability_cwe | CWE-120 (Ukuchichima kwebhafa) | CWE-120 (Ukuchichima kwebhafa) |
| vulnerability_risk | 2 | 2 |
| cvss3_vuldb_av | N | N |
| cvss3_vuldb_ac | L | L |
| cvss3_vuldb_ui | N | N |
| cvss3_vuldb_s | U | U |
| cvss3_vuldb_c | H | H |
| cvss3_vuldb_i | H | H |
| cvss3_vuldb_a | H | H |
| cvss3_vuldb_e | P | P |
| cvss3_vuldb_rc | R | R |
| advisory_url | https://github.com/byxs0x0/cve2/blob/main/530/1.md | https://github.com/byxs0x0/cve2/blob/main/530/1.md |
| exploit_availability | 1 | 1 |
| exploit_publicity | 1 | 1 |
| exploit_url | https://github.com/byxs0x0/cve2/blob/main/530/1.md | https://github.com/byxs0x0/cve2/blob/main/530/1.md |
| source_cve | CVE-2025-5671 | CVE-2025-5671 |
| cna_responsible | VulDB | VulDB |
| cvss2_vuldb_av | N | N |
| cvss2_vuldb_ac | L | L |
| cvss2_vuldb_ci | C | C |
| cvss2_vuldb_ii | C | C |
| cvss2_vuldb_ai | C | C |
| cvss2_vuldb_e | POC | POC |
| cvss2_vuldb_rc | UR | UR |
| cvss4_vuldb_av | N | N |
| cvss4_vuldb_ac | L | L |
| cvss4_vuldb_ui | N | N |
| cvss4_vuldb_vc | H | H |
| cvss4_vuldb_vi | H | H |
| cvss4_vuldb_va | H | H |
| cvss4_vuldb_e | P | P |
| cvss2_vuldb_au | S | S |
| cvss2_vuldb_rl | ND | ND |
| cvss3_vuldb_pr | L | L |
| cvss3_vuldb_rl | X | X |
| cvss4_vuldb_at | N | N |
| cvss4_vuldb_pr | L | L |
| cvss4_vuldb_sc | N | N |
| cvss4_vuldb_si | N | N |
| cvss4_vuldb_sa | N | N |
| cvss2_vuldb_basescore | 9.0 | 9.0 |
| cvss2_vuldb_tempscore | 7.7 | 7.7 |
| cvss3_vuldb_basescore | 8.8 | 8.8 |
| cvss3_vuldb_tempscore | 8.0 | 8.0 |
| cvss3_meta_basescore | 8.8 | 8.8 |
| cvss3_meta_tempscore | 8.0 | 8.0 |
| cvss4_vuldb_bscore | 8.7 | 8.7 |
| cvss4_vuldb_btscore | 7.4 | 7.4 |
| advisory_date | 1748988000 (2025-06-04) | 1748988000 (2025-06-04) |
| price_0day | $0-$5k | $0-$5k |
| euvd_id | EUVD-2025-17013 |