Published: 08/09/2024 Updated: 09/09/2024

Remote Buffer Overflow in TOTOLINK AC1200 Routers

A critical vulnerability was found in TOTOLINK AC1200 T8 and AC1200 T10 versions 4.1.5cu.861_B20230220 and 4.1.8cu.5207. This affects the setStaticDhcpRules function in the file /cgi-bin/cstecgi.cgi. Manipulating the desc argument can cause a buffer overflow. This attack can be done remotely. The exploit has been shared publicly and can be used. The vendor was informed early but did not reply.

Vulnerable Product	Search on Vulmon	Subscribe to Product
totolink t8 firmware 4.1.5cu.861 b20230220
totolink t10 firmware 4.1.8cu.5207

Check Point Reference: CPAI-2024-0991 Date Published: 29 Oct 2024 Severity: Critical ...

CWE-120 https://nvd.nist.gov https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2024-0991.html https://www.first.org/epss https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/AC1200T8/setStaticDhcpRules.md https://vuldb.com/?ctiid.276811 https://vuldb.com/?id.276811 https://vuldb.com/?submit.401265 https://www.totolink.net/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-8577

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect