CVE-2024-7185 | TOTOLINK A3600R 4.1.2cu.5182_B20201102 /cgi-bin/cstecgi.cgi setWebWlanIdx webWlanIdx buffer overflow

Inserito da Angelo Barbosa | Lug 28, 2024 | CVE

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. Affected by this issue is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument webWlanIdx leads to buffer overflow.

This vulnerability is handled as CVE-2024-7185. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-7185 | TOTOLINK A3600R 4.1.2cu.5182_B20201102 /cgi-bin/cstecgi.cgi setWebWlanIdx webWlanIdx buffer overflow

Post correlati

CVE-2024-7287 | SourceCodester Establishment Billing Management System 1.0 /manage_user.php id sql injection

CVE-2024-4142 | JFrog Artifactory up to 7.84.5 input validation

CVE-2024-8146 | code-projects Pharmacy Management System 1.0 index.php id sql injection

CVE-2024-34525 | vastsa FileCodeBox 2.0 ENV File cleartext storage in a file or on disk (Issue 133)