CVE-2024-0578 | Totolink LR1200GB 9.1.0u.6619_B20230130 /cgi-bin/cstecgi.cgi UploadCustomModule File stack-based overflow

Inserito da Angelo Barbosa | Gen 16, 2024 | CVE

A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected is the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to stack-based buffer overflow.

This vulnerability is traded as CVE-2024-0578. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-0578 | Totolink LR1200GB 9.1.0u.6619_B20230130 /cgi-bin/cstecgi.cgi UploadCustomModule File stack-based overflow

Post correlati

CVE-2024-32698 | Leevio Happy Addons for Elementor Plugin up to 3.10.4 on WordPress cross site scripting

CVE-2024-33787 | Hengan Weighing Management Information Query Platform 2019-2021 53.25 search_user.aspx tuser_Number sql injection

CVE-2024-3690 | PHPGurukul Small CRM 3.0 Change Password sql injection

CVE-2024-7313 | Shield Security Plugin up to 20.0.5 on WordPress cross-site request forgery