CVE-2024-7331 | TOTOLINK A3300R 17.0.0cu.557_B20221024 /cgi-bin/cstecgi.cgi UploadCustomModule File buffer overflow

Posted by Angelo Barbosa | Jul 31, 2024 | CVE

A vulnerability was found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as critical. Affected by this issue is the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow.

This vulnerability is handled as CVE-2024-7331. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-7331 | TOTOLINK A3300R 17.0.0cu.557_B20221024 /cgi-bin/cstecgi.cgi UploadCustomModule File buffer overflow

Related Posts

CVE-2024-21651 | XWiki xwiki-platform-distribution-war Attachment denial of service

CVE-2024-25602 | Liferay Portal/DXP Users Admin Module Name cross site scripting

CVE-2024-37034 | Couchbase Server up to 7.2.4/7.6.0 KV Service inadequate encryption

CVE-2024-8642 | Eclipse EDC Connector up to 0.8.x incorrect implementation of authentication algorithm