TOTOLINK A3002R/A3002RU 3.0.0-B20230809.1615 HTTP POST Request /boafrm/formMapDel devicemac1 Ukuchichima kwebhafa
| CVSS Meta Temp Isilinganiso | Intengo yamanje ye-exploit (≈) | CTI Inzalo Score |
|---|---|---|
| 8.4 | $0-$5k | 0.27 |
Isifinyezo
Kukhona ubuthakathaka obubizwa ngokuthi kubalulekile kakhulu obutholakele ku TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. Kuthintekile umsebenzi ongaziwayo kufayela /boafrm/formMapDel kwe-component HTTP POST Request Handler. Ukusebenzisa kwepharamitha devicemac1 kuholela ku Ukuchichima kwebhafa. Lokhu buthakathaka kuthengiswa njenge CVE-2025-4730. Kuyenzeka ukuqala ukuhlasela kude. Ngaphezu kwalokho, kukhona i-exploit etholakalayo. If you want to get best quality of vulnerability data, you may have to visit VulDB.
Iinkcukacha
Kukhona ubuthakathaka obubizwa ngokuthi kubalulekile kakhulu obutholakele ku TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. Kuthintekile umsebenzi ongaziwayo kufayela /boafrm/formMapDel kwe-component HTTP POST Request Handler. Ukusebenzisa kwepharamitha devicemac1 kuholela ku Ukuchichima kwebhafa. Ukusebenzisa i-CWE ukukhomba inkinga kuholela ku-CWE-120. Ubuthakathaka babikwa. Isaziso sabelwe ukuthi singalayishwa ku-github.com.
Lokhu buthakathaka kuthengiswa njenge CVE-2025-4730. Kuyenzeka ukuqala ukuhlasela kude. Imininingwane yezobuchwepheshe iyatholakala. Udumo lwalobu buthakathi luphansi kunokujwayelekile. Ngaphezu kwalokho, kukhona i-exploit etholakalayo. Ukuhlaselwa sekudalulwe emphakathini futhi kungasetshenziswa. Njengamanje, intengo yamanje ye-exploit ingahle ibe cishe USD $0-$5k okwamanje.
Kuyenzeka ukulanda i-exploit ku-github.com.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Umkhiqizo
Umkhiqizi
Ibizo
Inguqulo
Ilayisense
Iwebhusayithi
- Umkhiqizi: https://www.totolink.net/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Umkhombandlela: 🔒VulDB Ukuthembeka: 🔍
CNA CVSS-B Score: 🔒
CNA CVSS-BT Score: 🔒
CNA Umkhombandlela: 🔒
CVSSv3
VulDB Ireyithingi yeMeta Base: 8.8VulDB Meta Temp Isilinganiso: 8.4
VulDB Isilinganiso Esiyisisekelo: 8.8
VulDB Izinga Lesikhashana: 8.0
VulDB Umkhombandlela: 🔒
VulDB Ukuthembeka: 🔍
CNA Isilinganiso Esiyisisekelo: 8.8
CNA Umkhombandlela: 🔒
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Umkhombandlela | Ubunzima | Ukufakazela ubuwena | Ukuyimfihlo | Ukuthembeka | Ukutholakala |
|---|---|---|---|---|---|
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
VulDB Isilinganiso Esiyisisekelo: 🔒
VulDB Izinga Lesikhashana: 🔒
VulDB Ukuthembeka: 🔍
Ukusebenzisa ithuba lokungavikeleki
Ikilasi: Ukuchichima kwebhafaCWE: CWE-120 / CWE-119
CAPEC: 🔒
ATT&CK: 🔒
Okubambekayo: Hayi
Wendawo: Hayi
Kude: Yebo
Ukutholakala: 🔒
Umnyango: Umphakathi
Isimo: Ubufakazi-bokusebenza
Landa: 🔒
EPSS Score: 🔒
EPSS Percentile: 🔒
Ukukhula kwentengo: 🔍
Okwamanje ukuhlolwa kwentengo: 🔒
| 0-Day | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
|---|---|---|---|---|
| Namuhla | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
Ulwazi lwezingozi
Intshisekelo: 🔍Abadlali abasebenzayo: 🔍
AmaQembu e-APT asebenzayo: 🔍
Izinyathelo zokuvikela
Isincomo: akukho sithathwa esaziwayoIsimo: 🔍
0-Suku Isikhathi: 🔒
Isikhathi somlando
2025-05-15 Isaziso sikhishwe2025-05-15 VulDB okokungena kwenziwe
2025-06-20 VulDB okungenelelwe ukubuyekezwa kokugcina
Imithombo
Umkhiqizi: totolink.netIseluleko: github.com
Isimo: Akuchazwanga
CVE: CVE-2025-4730 (🔒)
GCVE (CVE): GCVE-0-2025-4730
GCVE (VulDB): GCVE-100-309032
EUVD: 🔒
scip Labs: https://www.scip.ch/en/?labs.20161013
Ukungena
Kudalwa: 2025-05-15 09:28Ukuvuselelwa: 2025-06-20 16:29
Ukulungiswa: 2025-05-15 09:28 (56), 2025-05-16 03:37 (1), 2025-05-16 11:43 (30), 2025-06-20 16:29 (1)
Kugcwele: 🔍
Umthumeli: BabyShark
Cache ID: 253:189:103
Thumela
Yamukelwa
- Thumela #570687: TOTOLINK A3002RU V3 and A3002R_V4 V3.0.0-B20230809.1615 Buffer Overflow (kusuka ku BabyShark)
Kuze kube manje akukabikho ukuphawula. Izilimi: nr + nd + en.
Ngiyacela ungene ngemvume ukuze ukwazi ukuphawula.