CVE-2024-7186 | TOTOLINK A3600R 4.1.2cu.5182_B20201102 /cgi-bin/cstecgi.cgi setWiFiAclAddConfig comment buffer overflow

Inserito da Angelo Barbosa | Lug 28, 2024 | CVE

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as critical. This affects the function setWiFiAclAddConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument comment leads to buffer overflow.

This vulnerability is uniquely identified as CVE-2024-7186. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-7186 | TOTOLINK A3600R 4.1.2cu.5182_B20201102 /cgi-bin/cstecgi.cgi setWiFiAclAddConfig comment buffer overflow

Post correlati

CVE-2024-4373 | shaonsina Sina Extension for Elementor Plugin up to 3.5.3 on WordPress cross site scripting

CVE-2024-3987 | WP Mobile Menu Plugin up to 2.8.4.2 on WordPress Image Alt cross site scripting

CVE-2024-10979 | PostgreSQL up to 17.0 Environment Variable external control of system or configuration setting

CVE-2024-3528 | Campcodes Complete Online Student Management System 1.0 units_view.php FirstRecord cross site scripting