CVE-2024-8579 | TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 /cgi-bin/cstecgi.cgi setWiFiRepeaterCfg password buffer overflow

Posted by Angelo Barbosa | Sep 7, 2024 | CVE

A vulnerability classified as critical has been found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220. This affects the function setWiFiRepeaterCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow.

This vulnerability is uniquely identified as CVE-2024-8579. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-8579 | TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 /cgi-bin/cstecgi.cgi setWiFiRepeaterCfg password buffer overflow

Related Posts

CVE-2024-1441 | libvirt udevListInterfacesByStatus off-by-one

CVE-2024-3920 | Flattr Plugin up to 1.2.2 on WordPress Setting cross site scripting

CVE-2024-39678 | XjSv Cooked Plugin up to 1.7.15.4 on WordPress cross-site request forgery (GHSA-pp3h-ghxf-r9pc)

CVE-2024-21146 | Oracle Trade Management up to 12.2.13 GL Accounts improper authorization