Stack Buffer Overflow in TOTOLINK CP450
CVE-2024-34207

8.8HIGH

Key Information:

Vendor: TOTOLINK
Status: Cp450 Firmware
Vendor: CVE Published:; 14 May 2024

What is CVE-2024-34207?

The TOTOLINK CP450 is affected by a stack buffer overflow vulnerability located in the setStaticDhcpConfig function. This vulnerability allows an attacker to potentially exploit the buffer overflow, leading to further exploitation. Proper validation and security measures should be implemented to mitigate this risk.

References

https://github.com/n0wstr/IOTVuln/tree/main/CP450/setStat...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2024