Buffer Overflow Vulnerability in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228
CVE-2024-8076

9.8CRITICAL

Key Information:

Vendor: TOTOLINK
Status: T8 Firmware
Vendor: CVE Published:; 22 August 2024

What is CVE-2024-8076?

A vulnerability exists in the TOTOLINK AC1200 T8 router, specifically within the setDiagnosisCfg function, which is susceptible to buffer overflow conditions. This flaw could potentially allow attackers to exploit the device remotely, potentially compromising its functionality and security. Despite outreach to TOTOLINK for addressing the issue, there was no response regarding the vulnerability disclosure, raising concerns about the device's long-term security management.

References

https://vuldb.com/?id.275558

https://vuldb.com/?ctiid.275558

https://github.com/hawkteam404/RnD_Public/blob/main/TOTOL...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 22, 2024