TOTOLINK A3002RU is a wireless router product from Taiwan-based TOTOLINK Corporation. tr069config.htm in TOTOLINK A3002R version V1.1.1-B20200824 contains a security vulnerability that allows attackers to exploit it by modifying the " username" field or βpasswordβ field to execute arbitrary JavaScript.