| Title | TOTOLINK A3002RU V3/A3002R_V4 V3.0.0-B20230809.1615 Command execution |
|---|
| Description | A serious command execution vulnerability was discovered in TOTOLINK A3002RU V3 and A3002R_V4. The vulnerability can be triggered by the route /boafrm/formMapDelDevice. The attacker can achieve command execution by sending HTTP POST requests. |
|---|
| Source | ⚠️ https://github.com/CH13hh/tmp_store_cc/blob/main/tt/ta/2.md |
|---|
| User | BabyShark (UID 83915) |
|---|
| Submission | 05/03/2025 10:21 (12 months ago) |
|---|
| Moderation | 05/15/2025 09:23 (12 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 309031 [TOTOLINK A3002R/A3002RU 3.0.0-B20230809.1615 HTTP POST Request /boafrm/formMapDelDevice macstr command injection] |
|---|
| Points | 17 |
|---|