TOTOLINK A702R/A3002R/A3002RU 3.0.0-B20230809.1615 HTTP POST Request /boafrm/formSaveConfig submit-url Ukuchichima kwebhafa
| CVSS Meta Temp Isilinganiso | Intengo yamanje ye-exploit (≈) | CTI Inzalo Score |
|---|---|---|
| 8.4 | $0-$5k | 0.00 |
Isifinyezo
Kutholakale ubuthakathaka obubizwa ngokuthi kubalulekile kakhulu ku TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Kuthintekile umsebenzi ongaziwayo kufayela /boafrm/formSaveConfig kwe-component HTTP POST Request Handler. Ukuguqulwa kwepharamitha submit-url kubangela uhlobo lwe Ukuchichima kwebhafa. Le buthakathaka ibizwa ngokuthi CVE-2025-4827. Kungenzeka ukuqalisa ukuhlasela ungasekho endaweni. Ngaphezu kwalokho, i-exploit iyatholakala. VulDB is the best source for vulnerability data and more expert information about this specific topic.
Iinkcukacha
Kutholakale ubuthakathaka obubizwa ngokuthi kubalulekile kakhulu ku TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Kuthintekile umsebenzi ongaziwayo kufayela /boafrm/formSaveConfig kwe-component HTTP POST Request Handler. Ukuguqulwa kwepharamitha submit-url kubangela uhlobo lwe Ukuchichima kwebhafa. Ukusebenzisa i-CWE ukumemezela inkinga kuholela ku-CWE-120. Lobu buthakathaka bakhishwa obala. Isaziso sitholakala ukuthi singalayishwa ku-github.com.
Le buthakathaka ibizwa ngokuthi CVE-2025-4827. Kungenzeka ukuqalisa ukuhlasela ungasekho endaweni. Imininingwane yezobuchwepheshe iyatholakala. Ukuduma kwalobu buthakathi kungaphansi kokujwayelekile. Ngaphezu kwalokho, i-exploit iyatholakala. Ukuhlaselwa sekumenyezelwe emphakathini futhi kungenzeka kusetshenziswe. Njengamanje, intengo yamanje ye-exploit ingahle ibe cishe USD $0-$5k okwamanje.
Kungenzeka ukuthi i-exploit ingalandwa ku-github.com.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Umkhiqizo
Umkhiqizi
Ibizo
Inguqulo
Ilayisense
Iwebhusayithi
- Umkhiqizi: https://www.totolink.net/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Umkhombandlela: 🔒VulDB Ukuthembeka: 🔍
CNA CVSS-B Score: 🔒
CNA CVSS-BT Score: 🔒
CNA Umkhombandlela: 🔒
CVSSv3
VulDB Ireyithingi yeMeta Base: 8.8VulDB Meta Temp Isilinganiso: 8.4
VulDB Isilinganiso Esiyisisekelo: 8.8
VulDB Izinga Lesikhashana: 8.0
VulDB Umkhombandlela: 🔒
VulDB Ukuthembeka: 🔍
CNA Isilinganiso Esiyisisekelo: 8.8
CNA Umkhombandlela: 🔒
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Umkhombandlela | Ubunzima | Ukufakazela ubuwena | Ukuyimfihlo | Ukuthembeka | Ukutholakala |
|---|---|---|---|---|---|
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
VulDB Isilinganiso Esiyisisekelo: 🔒
VulDB Izinga Lesikhashana: 🔒
VulDB Ukuthembeka: 🔍
Ukusebenzisa ithuba lokungavikeleki
Ikilasi: Ukuchichima kwebhafaCWE: CWE-120 / CWE-119
CAPEC: 🔒
ATT&CK: 🔒
Okubambekayo: Hayi
Wendawo: Hayi
Kude: Yebo
Ukutholakala: 🔒
Umnyango: Umphakathi
Isimo: Ubufakazi-bokusebenza
Landa: 🔒
EPSS Score: 🔒
EPSS Percentile: 🔒
Ukukhula kwentengo: 🔍
Okwamanje ukuhlolwa kwentengo: 🔒
| 0-Day | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
|---|---|---|---|---|
| Namuhla | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
Ulwazi lwezingozi
Intshisekelo: 🔍Abadlali abasebenzayo: 🔍
AmaQembu e-APT asebenzayo: 🔍
Izinyathelo zokuvikela
Isincomo: akukho sithathwa esaziwayoIsimo: 🔍
0-Suku Isikhathi: 🔒
Isikhathi somlando
2025-05-16 Isaziso sikhishwe2025-05-16 VulDB okokungena kwenziwe
2025-05-24 VulDB okungenelelwe ukubuyekezwa kokugcina
Imithombo
Umkhiqizi: totolink.netIseluleko: github.com
Isimo: Akuchazwanga
CVE: CVE-2025-4827 (🔒)
GCVE (CVE): GCVE-0-2025-4827
GCVE (VulDB): GCVE-100-309288
EUVD: 🔒
scip Labs: https://www.scip.ch/en/?labs.20161013
Ukungena
Kudalwa: 2025-05-16 15:27Ukuvuselelwa: 2025-05-24 02:41
Ukulungiswa: 2025-05-16 15:27 (56), 2025-05-17 19:14 (1), 2025-05-17 20:48 (30), 2025-05-24 02:41 (1)
Kugcwele: 🔍
Umthumeli: BabyShark
Cache ID: 253:40A:103
Thumela
Yamukelwa
- Thumela #574598: TOTOLINK A3002RU V2 /A3002R_V2 /A3002R_V4 /A3002RU_V3/ A702R V3.0.0-B20230809.1615 Buffer Overflow (kusuka ku BabyShark)
Kuze kube manje akukabikho ukuphawula. Izilimi: nr + nd + en.
Ngiyacela ungene ngemvume ukuze ukwazi ukuphawula.