Buffer Overflow Vulnerability in TOTOLINK AC1200 T8 Router
CVE-2024-46424

7.5HIGH

Key Information:

Vendor: Totolink
Status: T8 Firmware
Vendor: CVE Published:; 16 September 2024

What is CVE-2024-46424?

The TOTOLINK AC1200 T8 router version v4.1.5cu.861_B20230220 is susceptible to a buffer overflow vulnerability in the UploadCustomModule function. This security flaw allows attackers to exploit the router through the File parameter, potentially resulting in a Denial of Service (DoS) condition. As a consequence, legitimate users may experience loss of access to critical functionalities. It is imperative for users and organizations utilizing this product to evaluate their exposure and consider appropriate patching or mitigation steps to safeguard their networks.

References

https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2024

Totolink

What is CVE-2024-46424?

References

CVSS V3.1

Timeline