Buffer Overflow Vulnerability in TOTOLINK A7000R
CVE-2024-7212

8.8HIGH

Key Information:

Vendor: TOTOLINK
Status: A7000r Firmware
Vendor: CVE Published:; 30 July 2024

What is CVE-2024-7212?

A significant buffer overflow vulnerability has been identified in the TOTOLINK A7000R router, specifically affecting version 9.1.0u.6268_B20220504. This vulnerability occurs in the loginauth function of the cstecgi.cgi file, where improper handling of the password argument can lead to unintended memory access and potential remote code execution. As the issue has been publicly disclosed, it poses a risk to users who may be targeted through remote attacks. Given the lack of communication from the vendor following early disclosure, users are strongly advised to review their device configurations and implement necessary security measures immediately to mitigate the threat.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://vuldb.com/?id.272783

https://vuldb.com/?ctiid.272783

https://vuldb.com/?submit.378312

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 30, 2024

JSON

TOTOLINK

What is CVE-2024-7212?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.