threat
engine
.sh
Back
·
··:··
Home
/
Product
/
totolink a3002r firmware
Product
totolink a3002r firmware
61 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-55591
all versions
TOTOLINK-A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability in the devicemac parameter in th
9.8
CRITICAL
CVE-2025-55590
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an command injection vulnerability via the component bupload.html.
6.5
MEDIUM
CVE-2025-55589
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain multiple OS command injection vulnerabilities via the macstr, band
6.5
MEDIUM
CVE-2025-55588
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the fw_ip parameter at /boafrm/formPortFw. Th
7.5
HIGH
CVE-2025-55587
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelD
7.5
HIGH
CVE-2025-55586
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the url parameter at /boafrm/formFilter. This
7.5
HIGH
CVE-2025-55585
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability via the eval() function.
6.5
MEDIUM
CVE-2025-55584
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain insecure credentials for the telnet service and root account.
5.3
MEDIUM
CVE-2025-6487
all versions
A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been rated as critical. This issue affects the function
8.8
HIGH
CVE-2025-6486
all versions
A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been declared as critical. This vulnerability affects th
8.8
HIGH
CVE-2025-6485
all versions
A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been classified as critical. This affects the function f
6.3
MEDIUM
CVE-2025-6393
all versions
A vulnerability was found in TOTOLINK A702R, A3002R, A3002RU and EX1200T 3.0.0-B20230809.1615/4.0.0-B20230531.1404/4.0.0-B20230721
8.8
HIGH
CVE-2025-6337
all versions
A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615/4.0.0-B20230531.1404. It has been declared as critic
8.8
HIGH
CVE-2025-6164
all versions
A vulnerability was found in TOTOLINK A3002R 4.0.0-B20230531.1404. It has been classified as critical. This affects an unknown par
8.8
HIGH
CVE-2025-6149
all versions
A vulnerability classified as critical has been found in TOTOLINK A3002R 4.0.0-B20230531.1404. Affected is an unknown function of
8.8
HIGH
CVE-2025-45862
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the interfacenameds parameter in the formDhc
6.5
MEDIUM
CVE-2025-4852
all versions
A vulnerability, which was classified as problematic, has been found in TOTOLINK A3002R 2.1.1-B20230720.1011. This issue affects s
2.4
LOW
CVE-2025-4835
all versions
A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected b
8.8
HIGH
CVE-2025-4834
all versions
A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been classified as critical. Affected
8.8
HIGH
CVE-2025-4833
all versions
A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This issue affect
8.8
HIGH
CVE-2025-4832
all versions
A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnera
8.8
HIGH
CVE-2025-4831
all versions
A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affe
8.8
HIGH
CVE-2025-4830
all versions
A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affe
8.8
HIGH
CVE-2025-4829
all versions
A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by this vuln
8.8
HIGH
CVE-2025-4827
all versions
A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected
8.8
HIGH
CVE-2025-4826
all versions
A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This
8.8
HIGH
CVE-2025-4825
all versions
A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability af
8.8
HIGH
CVE-2025-4824
all versions
A vulnerability classified as critical has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an
8.8
HIGH
CVE-2025-4823
all versions
A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by t
8.8
HIGH
CVE-2025-4733
all versions
A vulnerability, which was classified as critical, has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This issue
8.8
HIGH
CVE-2025-4732
all versions
A vulnerability classified as critical was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects u
8.8
HIGH
CVE-2025-4731
all versions
A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown
8.8
HIGH
CVE-2025-4730
all versions
A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this iss
8.8
HIGH
CVE-2025-4729
all versions
A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this
6.3
MEDIUM
CVE-2025-45863
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the macstr parameter in the formMapDelDevice
9.8
CRITICAL
CVE-2025-45865
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the dnsaddr parameter in the formDhcpv6s int
9.8
CRITICAL
CVE-2025-45861
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 in
9.8
CRITICAL
CVE-2025-45858
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability via the FUN_00459fdc function.
9.8
CRITICAL
CVE-2025-45867
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the static_dns1 parameter in the formIpv6Set
5.4
MEDIUM
CVE-2025-45866
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolEnd parameter in the formDhcpv6s
5.4
MEDIUM
CVE-2025-45864
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolStart parameter in the formDhcpv
5.4
MEDIUM
CVE-2025-45859
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the bandstr parameter in the formMapDelDevic
5.4
MEDIUM
CVE-2025-25579
all versions
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr.
9.8
CRITICAL
CVE-2025-25635
all versions
TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input v
8.0
HIGH
CVE-2025-25610
all versions
TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input v
8.0
HIGH
CVE-2025-25609
all versions
TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input v
8.0
HIGH
CVE-2024-54907
all versions
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via formWsc.
8.8
HIGH
CVE-2024-34195
all versions
TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI
9.8
CRITICAL
CVE-2024-42520
all versions
TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability in /bin/boa via formParentControl.
9.8
CRITICAL
CVE-2024-33820
all versions
Totolink AC1200 Wireless Dual Band Gigabit Router A3002R_V4 Firmware V4.0.0-B20230531.1404 is vulnerable to Buffer Overflow via th
7.5
HIGH
CVE-2022-40112
all versions
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable Buffer Overflow via the hostname parameter in binary /bin/b
7.5
HIGH
CVE-2022-40111
all versions
In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is hardcoded in the firmware.
9.8
CRITICAL
CVE-2022-40110
all versions
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Buffer Overflow via /bin/boa.
7.5
HIGH
CVE-2022-40109
all versions
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Insecure Permissions via binary /bin/boa.
9.8
CRITICAL
CVE-2021-34228
all versions
Cross-site scripting in parent_control.htm in TOTOLINK A3002R version V1.1.1-B20200824 (Important Update, new UI) allows attackers
6.1
MEDIUM
CVE-2021-34223
all versions
Cross-site scripting in urlfilter.htm in TOTOLINK A3002R version V1.1.1-B20200824 (Important Update, new UI) allows attackers to e
6.1
MEDIUM
CVE-2021-34220
all versions
Cross-site scripting in tr069config.htm in TOTOLINK A3002R version V1.1.1-B20200824 (Important Update, new UI) allows attackers to
6.1
MEDIUM
CVE-2021-34218
all versions
Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /add/ , /img/
5.3
MEDIUM
CVE-2021-34215
all versions
Cross-site scripting in tcpipwan.htm in TOTOLINK A3002R version V1.1.1-B20200824 (Important Update, new UI) allows attackers to ex
6.1
MEDIUM
CVE-2021-34207
all versions
Cross-site scripting in ddns.htm in TOTOLINK A3002R version V1.1.1-B20200824 (Important Update, new UI) allows attackers to execut
6.1
MEDIUM
CVE-2020-25499
< 1.1.1-b20200824.0128
TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's 'Run Command'. An attacker can use
8.8
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin