CNNVD-202507-3175 Information

Jul 25, 2025 cve

CNNVD ID

CNNVD-202507-3175

CVE-2025-8140

CNNVD Published: 2025-07-25

Description (Chinese)

TOTOLINK A702r是中国吉翁电子（TOTOLINK）公司的一款路由器设备。 TOTOLINK A702R 4.0.0-B20230721.1521版本存在安全漏洞，该漏洞源于HTTP POST请求处理组件中文件/boafrm/formWlanMultipleAP对参数submit-url的错误操作导致缓冲区溢出。

Description (English)

TOTOLINK A702r is a router equipment of the Chinese company TOTOLINK. TOTOLINK A702R 4.0.0-B202300721.1521 contains a security loophole resulting from the error in the handling of the file/boafrm/formWlanMultipleAP against the parameter submit-url in the HTTTP POST request for processing.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

吉翁电子

Published

2025-07-25

Last Modified

2026-02-24

References

https://github.com/panda666-888/vuls/blob/main/totolink/a702r/formWlanMultipleAP.md https://vuldb.com/?ctiid.317536 https://vuldb.com/?id.317536 https://vuldb.com/?submit.620486 https://www.totolink.net/ https://access.redhat.com/security/cve/cve-2025-8140

Share on: