Buffer Overflow Vulnerability in TOTOLINK EX1200L Router Firmware

CVE-2024-7338

8.8HIGH

Key Information

Vendor
Totolink
Status
Ex1200l
Vendor
CVE Published:
1 August 2024

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC

Summary

A severe buffer overflow vulnerability has been identified in the TOTOLINK EX1200L router, specifically within the setParentalRules function located in the /cgi-bin/cstecgi.cgi file. This vulnerability is triggered by manipulating the week, sTime, or eTime arguments. An unauthenticated remote attacker could exploit this flaw to execute arbitrary code on the router, potentially allowing for the complete takeover of the device. This critical issue has been publicized, raising concerns about its exploitation in the wild. TOTOLINK has been notified of this vulnerability but has not provided any response or mitigation guidance.

Affected Version(s)

EX1200L = 9.3.5u.6146_B20201023

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-7338 - Proof of Concept

References

https://vuldb.com/?id.273261
vdb-entrytechnical-description
https://vuldb.com/?ctiid.273261
signaturepermissions-required
https://vuldb.com/?submit.379316
third-party-advisory

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database1 Proof of Concept(s)

Credit

yhryhryhr_tu (VulDB User)
.