Buffer Overflow Vulnerability in TOTOlink A3002R Router
CVE-2025-25610

8 HIGH

Key Information:

Vendor
TOTOlink
Status
Vendor
CVE Published: 28 February 2025

Summary

The TOTOlink A3002R router is vulnerable to a buffer overflow caused by inadequate input validation of the static_gw parameter in the IPv6 configuration interface. An attacker may be able to use this flaw to manipulate system resources, potentially leading to unauthorized code execution. Applying updates promptly and monitoring network configurations are essential for maintaining security.

CVSS V3.1

Score: 8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
