CVE-2024-35387 | Totolink LR350 9.3.5u.6369_B20220309 loginAuth http_host stack-based overflow

Inserito da Angelo Barbosa | Mag 24, 2024 | CVE

A vulnerability was found in Totolink LR350 9.3.5u.6369_B20220309. It has been declared as critical. This vulnerability affects the function loginAuth. The manipulation of the argument http_host leads to stack-based buffer overflow.

This vulnerability was named CVE-2024-35387. The attack can be initiated remotely. There is no exploit available.

CVE-2024-35387 | Totolink LR350 9.3.5u.6369_B20220309 loginAuth http_host stack-based overflow

Post correlati

CVE-2024-34822 | weMail Plugin up to 1.14.2 on WordPress Notice Dismissal authorization

CVE-2024-6545 | Admin Trim Interface Plugin up to 3.5.1 on WordPress information disclosure

CVE-2024-36421 | FlowiseAI Flowise up to 1.4.3 origin validation (GHSL-2023-232)

CVE-2024-40336 | idcCMS 1.35 Image Advertising Management cross site scripting