CVE-2025-45864 – TOTOLINK A3002R Buffer Overflow Vulnerability

May 13, 2025

CVE ID : CVE-2025-45864

Published : May 13, 2025, 3:15 p.m. | 1 hour, 9 minutes ago

Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolStart parameter in the formDhcpv6s interface.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-45866 – TOTOLINK A3002R Buffer Overflow

Next Article CVE-2025-45859 – TOTOLINK A3002R Buffer Overflow

Highlights

CVE-2025-5952 – Zend.To OS Command Injection

June 10, 2025

CVE ID : CVE-2025-5952

Published : June 10, 2025, 5:15 a.m. | 28 minutes ago

Description : A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the function exec of the file NSSDropoff.php. The manipulation of the argument file_1 leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 6.10-7 is able to address this issue. It is recommended to upgrade the affected component. This affects a rather old version of the software. The vendor recommends updating to the latest release.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

Forget YouTube’s ad blocker war — this Google AI Overviews clone might finally sell me on the $14/month Premium subscription

Say hello to ECMAScript 2025

Say hello to ECMAScript 2025

Ecma International approves ECMAScript 2025: What’s new?

Building Together: PRFT Colleagues Volunteer with Atlanta Habitat for Humanity

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

CVE-2025-45864 – TOTOLINK A3002R Buffer Overflow Vulnerability

⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More

China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

Apple Watch Gets Live Audio Workout Coach in watchOS 26, But How Does it Work?

DavMail is a POP/IMAP/SMTP/Caldav/Carddav/LDAP exchange gateway

CVE-2025-48346 – Etsy360 Embed and Integrate Etsy Shop Missing Authorization Vulnerability

What does SFO have to do with Oracle?

CVE-2025-5952 – Zend.To OS Command Injection

CVE-2025-4951 – Rapid7 AppSpider Pro Stored Cross-Site Scripting Vulnerability

CVE-2025-26159 – Laravel Starter XSS in Tag Name Field

CSS FILTERS Explained

CVE-2025-45864 – TOTOLINK A3002R Buffer Overflow Vulnerability

Related Posts