CVE-2025-6627

Name of the Vulnerable Software and Affected Versions TOTOLINK A702R version 4.0.0-B20230721.1521

Description A critical vulnerability exists in the TOTOLINK A702R router, specifically within the HTTP POST Request Handler component. The issue is a buffer overflow triggered by manipulating the submit-url parameter in a POST request to the /boafrm/formIpv6Setup endpoint. This can be exploited remotely to cause a denial-of-service condition. The exploit for this vulnerability has been publicly disclosed.

Recommendations TOTOLINK A702R version 4.0.0-B20230721.1521: At the moment, there is no information about a newer version that contains a fix for this vulnerability.