CVE-2025-4835 – TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

May 17, 2025

CVE ID : CVE-2025-4835

Published : May 17, 2025, 8:15 p.m. | 30 minutes ago

Description : A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4836 – Projectworlds Life Insurance Management System SQL Injection

Next Article CVE-2024-13965 – Apache HTTP Server SQL Injection

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

The impact of gray work on software development

CSS Intelligence: Speculating On The Future Of A Smarter Language

Hallucinated code, real threat: How slopsquatting targets AI-assisted development

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

Microsoft is closing down Xbox studio The Initiative, with Perfect Dark killed as well — joining Everwild and ZeniMax’s new IP, and other unannounced projects

No, Microsoft and Xbox’s Phil Spencer isn’t stepping down any time soon — here’s the truth

Everwild’s cancellation has me worried for one of my favorite dev teams and Xbox itself — It needs creative new games to thrive and refresh its identity

Trust but Verify: The Curious Case of AI Hallucinations

Trust but Verify: The Curious Case of AI Hallucinations

From Flow to Fabric: Connecting Power Automate to Microsoft Fabric

Flutter Web Hot Reload Has Landed – No More Refreshes!

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

Microsoft is closing down Xbox studio The Initiative, with Perfect Dark killed as well — joining Everwild and ZeniMax’s new IP, and other unannounced projects

No, Microsoft and Xbox’s Phil Spencer isn’t stepping down any time soon — here’s the truth

CVE-2025-4835 – TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

Actively Exploited Google Chrome Zero-Day (CVE-2025-6554) Added to CISA’s KEV Catalog, PoC Available

CVE-2025-20309 affects Cisco Unified CM

CVE-2025-47763 – Apache HTTP Server Unvalidated User Input

CVE-2025-6839 – Conjure Position Department Service Quality Evaluation System Less Bootstrap Mixin Head PHP Backdoor Remote Code Execution

CVE-2025-5053 – FreeFloat FTP Server MDIR Command Handler Buffer Overflow

Microsoft finally launches the controversial Recall feature after a long delay

Microsoft “.library-ms” File / NTLM Information Disclosure (Resurrected 2025)

These earbuds sold me on the open-ear form factor (and sound great for the price)

CVE-2025-34091 – Google Chrome AppBound Encryption Padding Oracle

What Makes for a Good Stereoscopic Image?

CVE-2025-4835 – TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

Related Posts