A3002r
This hub aggregates every CVE we track for A3002r, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
47
CVEs tracked
7
Critical
28
High
0
In CISA KEV
Severity distribution
HIGH28MEDIUM11CRITICAL7LOW1
Monthly trend
0
0
0
0
0
2
0
1
1
0
27
7
0
8
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting A3002r.
- CVE-2025-55584TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain insecure credentials for the telnet service and root account.5.3
- CVE-2025-55585TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability via the eval() function.6.5
- CVE-2025-55588TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the fw_ip parameter at /boafrm/formPortFw. This vulnerability allows attackers to cause a Denial of Service (DoS...7.5
- CVE-2025-55590TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an command injection vulnerability via the component bupload.html.6.5
- CVE-2025-55587TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Ser...7.5
- CVE-2025-55591TOTOLINK-A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability in the devicemac parameter in the formMapDel endpoint.9.8
- CVE-2025-55589TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain multiple OS command injection vulnerabilities via the macstr, bandstr, and clientoff parameters at /boafrm/formMapDelDevice.6.5
- CVE-2025-55586TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the url parameter at /boafrm/formFilter. This vulnerability allows attackers to cause a Denial of Service (DoS) ...7.5
- CVE-2025-6487TOTOLINK A3002R formRoute stack-based overflow8.8
- CVE-2025-6486TOTOLINK A3002R formWlanMultipleAP stack-based overflow8.8
- CVE-2025-6485TOTOLINK A3002R formWlSiteSurvey os command injection6.3
- CVE-2025-6393TOTOLINK A702R/A3002R/A3002RU/EX1200T HTTP POST Request formIPv6Addr buffer overflow8.8
- CVE-2025-6337TOTOLINK A3002R/A3002RU HTTP POST Request formTmultiAP buffer overflow8.8
- CVE-2025-6164TOTOLINK A3002R HTTP POST Request formMultiAP buffer overflow8.8
- CVE-2025-6149TOTOLINK A3002R HTTP POST Request formSysLog buffer overflow8.8
Product normalization is registry-driven with AI assist and human review. How it works