CVE-2025-6485 – TOTOLINK A3002R OS Command Injection Vulnerability

June 22, 2025

CVE ID : CVE-2025-6485

Published : June 22, 2025, 5:15 p.m. | 7 hours, 39 minutes ago

Description : A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been classified as critical. This affects the function formWlSiteSurvey of the file /boafrm/formWlSiteSurvey. The manipulation of the argument wlanif leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6487 – TOTOLINK A3002R Stack-Based Buffer Overflow

Next Article CVE-2025-6484 – Code-projects Online Shopping Store SQL Injection

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

Melissa brings its data quality solutions to Azure with new SSIS integration

Automating Design Systems: Tips And Resources For Getting Started

This $180 mini projector has no business being this good for the price

GPT-5 is finally here, and you can access it for free today – no subscription needed

Changing this Android setting instantly doubled my phone speed (Samsung and Google models included)

ChatGPT can now talk nerdy to you – plus more personalities and other upgrades beyond GPT-5

Advanced Application Architecture through Laravel’s Service Container Management

Advanced Application Architecture through Laravel’s Service Container Management

Switch Between Personas in Laravel With the MultiPersona Package

AI-Driven Smart Tagging and Metadata in AEM Assets

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Halo Infinite’s Fall Update: New Features and Modes to Revive the Game?

Forza Motorsport’s Future in Jeopardy: Fans Demand Clarity from Microsoft

CVE-2025-6485 – TOTOLINK A3002R OS Command Injection Vulnerability

Microsoft to Pull Plug on Shared EWS Access in Hybrid Exchange by October

Google Confirms Salesforce Database Breach by ShinyHunters Group

CVE-2025-49833 – GPT-SoVITS-WebUI Command Injection Vulnerability

CVE-2025-29964 – Windows Media Heap Buffer Overflow

CVE-2025-0679 – GitLab Email Address Disclosure Vulnerability

CVE-2025-4220 – Xavin’s List Subpages WordPress Stored Cross-Site Scripting Vulnerability

CVE-2025-48828 – vBulletin PHP Code Execution Vulnerability

Most AI projects are abandoned – 5 ways to ensure your data efforts succeed

Helwan OS: la distribuzione GNU/Linux multiuso egiziana

Researchers at Physical Intelligence Introduce π-0.5: A New AI Framework for Real-Time Adaptive Intelligence in Physical Systems

CVE-2025-6485 – TOTOLINK A3002R OS Command Injection Vulnerability

Related Posts