Published: 08/09/2024 Updated: 09/09/2024

Critical Buffer Overflow in TOTOLINK AC1200 Routers

A critical vulnerability is present in TOTOLINK AC1200 T8 and AC1200 T10 versions 4.1.5cu.861_B20230220/4.1.8cu.5207. It affects the function setIpPortFilterRules in the file /cgi-bin/cstecgi.cgi. Manipulating the desc argument here causes a buffer overflow. This can be exploited remotely. The exploit has been publicly disclosed. The vendor was informed early about this issue, but they did not respond.

Vulnerable Product	Search on Vulmon	Subscribe to Product
totolink t8 firmware 4.1.5cu.861 b20230220
totolink t10 firmware 4.1.8cu.5207

Check Point Reference: CPAI-2024-0991 Date Published: 29 Oct 2024 Severity: Critical ...

CWE-120 CWE-120 https://nvd.nist.gov https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2024-0991.html https://www.first.org/epss https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/AC1200T8/setIpPortFilterRules.md https://vuldb.com/?ctiid.276810 https://vuldb.com/?id.276810 https://vuldb.com/?submit.401264 https://www.totolink.net/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-8576

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect