Stack Buffer Overflow in TOTOLINK CP450 Products
CVE-2024-34203

3.8LOW

Key Information:

Vendor: TOTOLINK
Status: Cp450 Firmware
Vendor: CVE Published:; 14 May 2024

Summary

The TOTOLINK CP450 version v4.1.0cu.747_B20191224 is vulnerable due to a stack buffer overflow in the setLanguageCfg function. This vulnerability can be exploited to manipulate memory allocation, potentially allowing unauthorized access or execution of arbitrary code. Proper security measures should be implemented to safeguard against potential exploitation and protect user data and device functionality.

References

https://github.com/n0wstr/IOTVuln/tree/main/CP450/setLang...

CVSS V3.1

Score:

3.8

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 14, 2024