Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
7DescriptionCVE.org
A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub_410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. This manipulation of the argument wan-url causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.
AnalysisAI
Stack-based buffer overflow in Totolink A3002MU router firmware B20211125.1046 allows authenticated remote attackers to execute arbitrary code via crafted 'wan-url' parameter in /boafrm/formWlanSetup endpoint. Publicly available exploit code exists (PoC on GitHub). EPSS score of 0.08% (23rd percentile) indicates low observed exploitation probability despite public exploit, likely due to authentication requirement (PR:L) and narrow attack surface of legacy consumer router product.
Technical ContextAI
The vulnerability affects the formWlanSetup HTTP request handler in Totolink A3002MU wireless router firmware, specifically function sub_410188. This is a classic stack-based buffer overflow (CWE-121) caused by insufficient bounds checking when processing the 'wan-url' parameter during WLAN configuration operations. The affected component is the router's web management interface at path /boafrm/formWlanSetup. Stack-based buffer overflows occur when more data is written to a fixed-size stack buffer than it can hold, potentially overwriting return addresses or function pointers stored on the stack, enabling control flow hijacking and arbitrary code execution. The CPE identifier cpe:2.3:a:totolink:a3002mu confirms this affects Totolink's A3002MU product line, a consumer-grade wireless router typically used in small office/home environments.
RemediationAI
Totolink has not released a patched firmware version for the A3002MU at the time of this analysis according to available data sources. Organizations using Totolink A3002MU routers with firmware B20211125.1046 should check the vendor website at https://www.totolink.net/ for updated firmware releases. Until a patch is available, implement network segmentation to restrict management interface access to trusted administration networks only, disable remote administration features if not required, enforce strong authentication credentials for administrative accounts, and monitor logs for suspicious authentication attempts or unusual configuration changes to /boafrm/formWlanSetup endpoints. Consider replacing affected devices with alternative router products if vendor support appears discontinued. Reference VulDB entry 357116 at https://vuldb.com/vuln/357116 for ongoing updates on patch availability.
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Stack Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-22034
GHSA-wcjg-f74r-f452