Totolink N200RE cstecgi.cgi setParentalRules stack-based overflow
CVE-2024-0999

8.8HIGH

Key Information:

Vendor
Totolink
Status
N200RE
Vendor
CVE Published:
29 January 2024

Badges

👾 Exploit Exists🟡 Public PoC

Summary

A vulnerability exists in the Totolink N200RE router, specifically affecting the 'setParentalRules' function within the /cgi-bin/cstecgi.cgi file. The issue arises due to improper handling of the 'eTime' argument, which can lead to a stack-based buffer overflow. This flaw allows remote attackers to exploit the device without needing physical access, making it a significant risk. The vulnerability has been publicly disclosed, highlighting the urgency for users to apply necessary mitigations or upgrades to protect their networks.

Affected Version(s)

N200RE 9.3.5u.6139_B20201216

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-0999 - Proof of Concept

References

https://vuldb.com/?id.252268
vdb-entrytechnical-description
https://vuldb.com/?ctiid.252268
signaturepermissions-required
https://jylsec.notion.site/TOTOLINK-N200RE-has-stack-buff...
exploit

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

jylsec (VulDB User)
.