{"uuid": "11d0689e-81a2-4b73-a860-f0a3f3ef8390", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4729", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16590", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4729\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-15T23:31:06.917Z\n\ud83d\udccf Modified: 2025-05-15T23:31:06.917Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309031\n2. https://vuldb.com/?ctiid.309031\n3. https://vuldb.com/?submit.570686\n4. https://github.com/CH13hh/tmp_store_cc/blob/main/tt/ta/2.md\n5. https://www.totolink.net/", "creation_timestamp": "2025-05-16T00:34:19.000000Z"}