CVE-2024-7463 | TOTOLINK CP900 6.3c.566 /cgi-bin/cstecgi.cgi UploadCustomModule File buffer overflow

Inserito da Angelo Barbosa | Ago 4, 2024 | CVE

A vulnerability classified as critical was found in TOTOLINK CP900 6.3c.566. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow.

This vulnerability was named CVE-2024-7463. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-7463 | TOTOLINK CP900 6.3c.566 /cgi-bin/cstecgi.cgi UploadCustomModule File buffer overflow

Post correlati

CVE-2024-42504 | HPE IceWall Federation Agent cross-site request forgery

CVE-2024-28327 | Asus RT-N12+ B1 Setting cleartext storage

CVE-2024-34739 | Google Android 12/12L/13/14 UsbProfileGroupSettingsManager.java shouldRestrictOverlayActivities escape output

CVE-2024-2973 | Juniper Networks Session Smart Router authentication bypass (JSA83126)