CVE-2025-4830 – TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

May 17, 2025

CVE ID : CVE-2025-4830

Published : May 17, 2025, 4:15 p.m. | 53 minutes ago

Description : A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by this issue is some unknown functionality of the file /boafrm/formSysCmd of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleOpenSees – Open System for Earthquake Engineering Simulation

Next Article CVE-2025-47273 – Setuptools Remote Code Execution via Path Traversal

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

The impact of gray work on software development

CSS Intelligence: Speculating On The Future Of A Smarter Language

Hallucinated code, real threat: How slopsquatting targets AI-assisted development

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

Microsoft is closing down Xbox studio The Initiative, with Perfect Dark killed as well — joining Everwild and ZeniMax’s new IP, and other unannounced projects

No, Microsoft and Xbox’s Phil Spencer isn’t stepping down any time soon — here’s the truth

Everwild’s cancellation has me worried for one of my favorite dev teams and Xbox itself — It needs creative new games to thrive and refresh its identity

Trust but Verify: The Curious Case of AI Hallucinations

Trust but Verify: The Curious Case of AI Hallucinations

From Flow to Fabric: Connecting Power Automate to Microsoft Fabric

Flutter Web Hot Reload Has Landed – No More Refreshes!

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

Microsoft is closing down Xbox studio The Initiative, with Perfect Dark killed as well — joining Everwild and ZeniMax’s new IP, and other unannounced projects

No, Microsoft and Xbox’s Phil Spencer isn’t stepping down any time soon — here’s the truth

CVE-2025-4830 – TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

Cisco scores a perfect 10 – sadly for a critical flaw in its comms platform

Linux Servers Hijacked: Attackers Install Legitimate Proxy Software for Covert Operations

CVE-2025-44899 – Tenda RX3 Stack Overflow Vulnerability in WifiGuestSet

A catalogue of genetic mutations to help pinpoint the cause of diseases

CVE-2024-47056 – Mautic Sensitive Information Disclosure

Rethinking Information Retrieval in MongoDB with Voyage AI

CVE-2025-46014 – Honor PC Manager Named Pipe Privilege Escalation Vulnerability

Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider

CVE-2025-3599 – Symantec Endpoint Protection ERASER Engine Elevation of Privilege Vulnerability

Windows 11 is planning a huge redesign of its Start Menu

CVE-2025-4830 – TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

Related Posts