Published: 08/09/2024 Updated: 03/03/2025

Critical Buffer Overflow in TOTOLINK AC1200 Series - Public Exploit

There is a critical vulnerability in TOTOLINK AC1200 T8 and AC1200 T10 with versions 4.1.5cu.861_B20230220/4.1.8cu.5207. This affects the function setParentalRules in the file /cgi-bin/cstecgi.cgi. Manipulating the desc argument can cause a buffer overflow. The attack can be done remotely. The exploit details are public. The vendor was informed early but did not reply.

Vulnerable Product	Search on Vulmon	Subscribe to Product
totolink t8 firmware 4.1.5cu.861 b20230220
totolink t10 firmware 4.1.8cu.5207

Check Point Reference: CPAI-2024-0991 Date Published: 29 Oct 2024 Severity: Critical ...

CWE-119 CWE-120 https://nvd.nist.gov https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2024-0991.html https://www.first.org/epss https://github.com/noahze01/IoT-vulnerable/blob/main/TOTOLink/AC1200T8/setParentalRules.md https://vuldb.com/?ctiid.276807 https://vuldb.com/?id.276807 https://vuldb.com/?submit.401262 https://www.totolink.net/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-8573

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect