Skip to main content

A3002Mu CVE-2026-6194

| EUVDEUVD-2026-22034 HIGH
Stack-based Buffer Overflow (CWE-121)
2026-04-13 VulDB GHSA-wcjg-f74r-f452
7.4
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.4 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

7
Re-analysis Queued
Apr 22, 2026 - 20:37 vuln.today
cvss_changed
PoC Detected
Apr 22, 2026 - 20:23 vuln.today
Public exploit code
Analysis Generated
Apr 15, 2026 - 12:31 vuln.today
CVSS changed
Apr 13, 2026 - 18:22 NVD
8.8 (HIGH) 7.4 (HIGH)
EUVD ID Assigned
Apr 13, 2026 - 18:00 euvd
EUVD-2026-22034
Analysis Generated
Apr 13, 2026 - 18:00 vuln.today
CVE Published
Apr 13, 2026 - 17:15 nvd
HIGH 7.4

DescriptionCVE.org

A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub_410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. This manipulation of the argument wan-url causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.

AnalysisAI

Stack-based buffer overflow in Totolink A3002MU router firmware B20211125.1046 allows authenticated remote attackers to execute arbitrary code via crafted 'wan-url' parameter in /boafrm/formWlanSetup endpoint. Publicly available exploit code exists (PoC on GitHub). EPSS score of 0.08% (23rd percentile) indicates low observed exploitation probability despite public exploit, likely due to authentication requirement (PR:L) and narrow attack surface of legacy consumer router product.

Technical ContextAI

The vulnerability affects the formWlanSetup HTTP request handler in Totolink A3002MU wireless router firmware, specifically function sub_410188. This is a classic stack-based buffer overflow (CWE-121) caused by insufficient bounds checking when processing the 'wan-url' parameter during WLAN configuration operations. The affected component is the router's web management interface at path /boafrm/formWlanSetup. Stack-based buffer overflows occur when more data is written to a fixed-size stack buffer than it can hold, potentially overwriting return addresses or function pointers stored on the stack, enabling control flow hijacking and arbitrary code execution. The CPE identifier cpe:2.3:a:totolink:a3002mu confirms this affects Totolink's A3002MU product line, a consumer-grade wireless router typically used in small office/home environments.

RemediationAI

Totolink has not released a patched firmware version for the A3002MU at the time of this analysis according to available data sources. Organizations using Totolink A3002MU routers with firmware B20211125.1046 should check the vendor website at https://www.totolink.net/ for updated firmware releases. Until a patch is available, implement network segmentation to restrict management interface access to trusted administration networks only, disable remote administration features if not required, enforce strong authentication credentials for administrative accounts, and monitor logs for suspicious authentication attempts or unusual configuration changes to /boafrm/formWlanSetup endpoints. Consider replacing affected devices with alternative router products if vendor support appears discontinued. Reference VulDB entry 357116 at https://vuldb.com/vuln/357116 for ongoing updates on patch availability.

Share

CVE-2026-6194 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy