Buffer Overflow Vulnerability in TOTOLINK AC1200 T8 Router
CVE-2024-46419

9.8CRITICAL

Key Information:

Vendor: Totolink
Status: T8 Firmware
Vendor: CVE Published:; 16 September 2024

Summary

The TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 is affected by a buffer overflow vulnerability located in the setWizardCfg function, which is triggered when processing the ssid5g parameter. This flaw could allow an attacker to craft malicious input that could potentially lead to unauthorized access or disruption of the device’s operation. Addressing this vulnerability is critical to ensuring the security and integrity of the network.

References

https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main...

EPSS Score

1% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 16, 2024

Collectors

NVD Database