CVE-2024-7337 | TOTOLINK EX1200L 9.3.5u.6146_B20201023 /cgi-bin/cstecgi.cgi loginauth http_host buffer overflow

Inserito da Angelo Barbosa | Lug 31, 2024 | CVE

A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. Affected by this issue is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to buffer overflow.

This vulnerability is handled as CVE-2024-7337. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-7337 | TOTOLINK EX1200L 9.3.5u.6146_B20201023 /cgi-bin/cstecgi.cgi loginauth http_host buffer overflow

Post correlati

Digirisk Plugin cross site scripting

CVE-2024-44956 | Linux Kernel up to 6.10.4 preempt_fence_work_func deadlock (458bb83119df/3cd1585e5790)

CVE-2024-40479 | Kashipara Online Exam System 1.0 /admin/quizquestion.php eid sql injection

CVE-2024-7609 | Vidco Software VOC TESTER prior 12.34.8 path traversal