PT-2025-30741 · Totolink · Totolink A702R
Panda_0X1
·
Published
2025-07-22
·
Updated
2025-07-30
·
CVE-2025-8140
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
TOTOLINK A702R version 4.0.0-B20230721.1521
Description
A critical vulnerability exists in the TOTOLINK A702R. The issue is a buffer overflow within the HTTP POST Request Handler, specifically affecting the file
/boafrm/formWlanMultipleAP. The vulnerability is triggered by manipulating the submit-url argument, allowing for remote exploitation. The exploit has been publicly disclosed.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Totolink A702R