Buffer Overflow Vulnerability in TOTOLINK AC1200 T8 Router
CVE-2024-8078

9.8CRITICAL

Key Information:

Vendor: Totolink
Status: Ac1200 T8
Vendor: CVE Published:; 22 August 2024

Summary

A serious vulnerability exists in the TOTOLINK AC1200 T8 router, specifically in the setTracerouteCfg function. This flaw can lead to a buffer overflow, allowing remote attackers to execute arbitrary code on the device. The vulnerability has been confirmed in version 4.1.5cu.862_B20230228, which raises significant security concerns. Despite early notifications sent to the vendor, there has been no response regarding this issue. Network administrators using affected models should prioritize patching this vulnerability to mitigate potential exploitation that could compromise network integrity.

Affected Version(s)

AC1200 T8 4.1.5cu.862_B20230228

References

https://vuldb.com/?id.275560

vdb-entrytechnical-description

https://vuldb.com/?ctiid.275560

signaturepermissions-required

https://github.com/hawkteam404/RnD_Public/blob/main/TOTOL...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 22, 2024

Collectors

NVD DatabaseMitre Database