Buffer Overflow Vulnerability in TOTOLINK A702R Product
CVE-2025-9779

8.7HIGH

Key Information:

Vendor: Totolink
Status: A702r
Vendor: CVE Published:; 1 September 2025

Badges

👾 Exploit Exists

What is CVE-2025-9779?

A buffer overflow vulnerability exists in the TOTOLINK A702R, specifically in the function sub_4162DC located within the /boafrm/formFilter file. This weakness arises when improper handling of the 'ip6addr' argument is encountered. Due to its nature, this vulnerability can be exploited remotely, allowing attackers to execute potentially harmful actions. The details of the exploit are publicly disclosed, making it imperative for users to apply security measures to mitigate associated risks.

Affected Version(s)

A702R 4.0.0-B20211108.1423

References

https://vuldb.com/?id.322081

vdb-entrytechnical-description

https://vuldb.com/?ctiid.322081

signaturepermissions-required

https://vuldb.com/?submit.640987

third-party-advisory

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Sep 1, 2025
👾
Exploit known to exist
Sep 1, 2025
Vulnerability published
Sep 1, 2025
Vulnerability Reserved
Sep 1, 2025

Credit

rew1X (VulDB User)

Totolink

Badges

What is CVE-2025-9779?

Affected Version(s)

References

CVSS V4

Timeline

Credit