cve/CVE-2024-7909.md at c052d0d6949679697108fa931a00cd4220694869

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-31 18:50:38 +00:00

0xMarcio e1800aedb5 Update CVE sources 2024-08-26 18:34

2024-08-26 18:34:01 +00:00

Description

A vulnerability has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023 and classified as critical. Affected by this vulnerability is the function setLanguageCfg of the file /www/cgi-bin/cstecgi.cgi. The manipulation of the argument langType leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

POC

Reference

https://github.com/BeaCox/IoT_vuln/tree/main/totolink/EX1200L/setLanguageCfg_bof

Github

No PoCs found on GitHub currently.

1.0 KiB Raw Blame History

CVE-2024-7909

Description

POC

Reference

Github

1.0 KiB

Raw Blame History