Post-Authentication Buffer Overflow in TOTOLINK Router
CVE-2022-44253
8.8HIGH
Summary
The TOTOLINK LR350 router, specifically version V9.3.5u.6369_B20220309, is susceptible to a buffer overflow vulnerability that occurs after user authentication. This vulnerability emerges in the setDiagnosisCfg function via the 'ip' parameter. If exploited, an attacker could manipulate this vulnerability to potentially execute arbitrary code or disrupt normal operation, posing significant risks to network security.
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved