CVE-2024-8575 | TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 /cgi-bin/cstecgi.cgi setWiFiScheduleCfg desc buffer overflow

Posted by Angelo Barbosa | Sep 7, 2024 | CVE

A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 and classified as critical. This issue affects the function setWiFiScheduleCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc leads to buffer overflow.

The identification of this vulnerability is CVE-2024-8575. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-8575 | TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 /cgi-bin/cstecgi.cgi setWiFiScheduleCfg desc buffer overflow

Related Posts

CVE-2024-1119 | Order Tip for WooCommerce Plugin up to 1.3.1 on WordPress Data Export authorization

CVE-2024-30308 | Adobe Substance 3D Painter up to 9.1.2 out-of-bounds (apsb24-31)

CVE-2024-24749 | GeoServer up to 2.23.4/2.24.2 path traversal (GHSA-jhqx-5v5g-mpf3)

CVE-2024-47574 | Fortinet FortiClientWindows up to 6.4.10/7.0.12/7.2.4/7.4.0 Named Pipe Message authentication bypass (FG-IR-24-199)