Totolink A3002ru Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Totolink A3002ru Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (49)
CVE-2018-13315 — CVSS 9.8 (critical): Incorrect access control in formPasswordSetup in TOTOLINK A3002RU version 1.0.8 allows attackers to change the admin user's password via an…
CVE-2018-13307 — CVSS 9.8 (critical): System command injection in fromNtp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ntpServerIp2"…
CVE-2018-13306 — CVSS 9.8 (critical): System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ftpUser" POST…
CVE-2024-34198 — CVSS 9.8 (critical): TOTOLINK AC1200 Wireless Router A3002RU V2.1.1-B20230720.1011 is vulnerable to Buffer Overflow. The formWlEncrypt CGI handler in the boa…
CVE-2018-13311 — CVSS 9.8 (critical): System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "sambaUser" POST…
CVE-2019-19825 — CVSS 9.8 (critical): On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the…
CVE-2018-13316 — CVSS 9.8 (critical): System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "subnet" POST…
CVE-2018-13314 — CVSS 9.8 (critical): System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ipAddr" POST…
CVE-2026-26736 — CVSS 8.8 (high): TOTOLINK A3002RU_V3 V3.0.0-B20220304.1804 was discovered to contain a stack-based buffer overflow via the static_ipv6 parameter in the…
CVE-2025-4831 — CVSS 8.8 (high): A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an…
CVE-2025-4832 — CVSS 8.8 (high): A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnerability…
CVE-2025-4833 — CVSS 8.8 (high): A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This issue affects some…
CVE-2025-4834 — CVSS 8.8 (high): A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been classified as critical. Affected is an…
CVE-2025-4835 — CVSS 8.8 (high): A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this…
CVE-2025-6148 — CVSS 8.8 (high): A vulnerability was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. It has been rated as critical. This issue affects some unknown…
CVE-2025-6163 — CVSS 8.8 (high): A vulnerability was found in TOTOLINK A3002RU 3.0.0-B20230809.1615 and classified as critical. Affected by this issue is some unknown…
CVE-2025-6337 — CVSS 8.8 (high): A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615/4.0.0-B20230531.1404. It has been declared as critical…
CVE-2025-6393 — CVSS 8.8 (high): A vulnerability was found in TOTOLINK A702R, A3002R, A3002RU and EX1200T 3.0.0-B20230809.1615/4.0.0-B20230531.1404/4.0.0-B20230721.1521/4.1…
CVE-2025-6939 — CVSS 8.8 (high): A vulnerability classified as critical has been found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file…
CVE-2025-6953 — CVSS 8.8 (high): A vulnerability, which was classified as critical, was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of…
CVE-2026-26731 — CVSS 8.8 (high): TOTOLINK A3002RU V2.1.1-B20211108.1455 was discovered to contain a stack-based buffer overflow via the routernamer`parameter in the…
CVE-2026-26732 — CVSS 8.8 (high): TOTOLINK A3002RU V2.1.1-B20211108.1455 was discovered to contain a stack-based buffer overflow via the vpnUser or vpnPassword` parameters…
CVE-2019-19824 — CVSS 8.8 (high): On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the…
CVE-2023-48859 — CVSS 8.8 (high): TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows attackers to bypass…
CVE-2025-4730 — CVSS 8.8 (high): A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue is…
CVE-2025-4731 — CVSS 8.8 (high): A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of…
CVE-2025-4732 — CVSS 8.8 (high): A vulnerability classified as critical was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown…
CVE-2025-4733 — CVSS 8.8 (high): A vulnerability, which was classified as critical, has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This issue affects…
CVE-2025-4823 — CVSS 8.8 (high): A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue…
CVE-2025-4824 — CVSS 8.8 (high): A vulnerability classified as critical has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown…
CVE-2025-4825 — CVSS 8.8 (high): A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects…
CVE-2025-4826 — CVSS 8.8 (high): A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This issue…
CVE-2025-4827 — CVSS 8.8 (high): A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected is an…
CVE-2025-4829 — CVSS 8.8 (high): A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by this vulnerability…
CVE-2025-4830 — CVSS 8.8 (high): A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by…
CVE-2019-19822 — CVSS 7.5 (high): A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the…
CVE-2019-19823 — CVSS 7.5 (high): A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords…
CVE-2018-13313 — CVSS 6.5 (medium): In TOTOLINK A3002RU 1.0.8, the router provides a page that allows the user to change their account name and password. This page…
CVE-2025-4729 — CVSS 6.3 (medium): A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this…
CVE-2018-13310 — CVSS 6.1 (medium): Cross-site scripting in password.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to execute arbitrary JavaScript via the user's…
CVE-2018-13317 — CVSS 6.1 (medium): Password disclosure in password.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to obtain the plaintext password for the admin user…
CVE-2018-13312 — CVSS 6.1 (medium): Cross-site scripting in notice_gen.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to execute arbitrary JavaScript by modifying the…
CVE-2018-13309 — CVSS 6.1 (medium): Cross-site scripting in password.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to execute arbitrary JavaScript via the user's…
CVE-2018-13308 — CVSS 6.1 (medium): Cross-site scripting in notice_gen.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to execute arbitrary JavaScript by modifying the…
CVE-2025-5507 — CVSS 2.4 (low): A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been declared as problematic. Affected by this vulnerability is…
CVE-2025-5506 — CVSS 2.4 (low): A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function…
CVE-2025-5508 — CVSS 2.4 (low): A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been rated as problematic. Affected by this issue is some…
CVE-2025-5505 — CVSS 2.4 (low): A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011 and classified as problematic. This issue affects some unknown…