TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restriction on the wlan_ssid field. This oversight leads to potential buffer overflow under specific circumstances. For instance, by invoking the formWlanRedirect function with specific parameters to alter wlan_idx's value and subsequently invoking the formWlEncrypt function, an attacker can trigger buffer overflow, enabling arbitrary command execution or denial of service attacks.
Metrics
Affected Vendors & Products
References
History
Fri, 30 Aug 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Totolink
Totolink a3002r Totolink a3002r Firmware |
|
Weaknesses | CWE-787 | |
CPEs | cpe:2.3:h:totolink:a3002r:-:*:*:*:*:*:*:* cpe:2.3:o:totolink:a3002r_firmware:1.1.1-b20200824:*:*:*:*:*:*:* |
|
Vendors & Products |
Totolink
Totolink a3002r Totolink a3002r Firmware |
Wed, 28 Aug 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-121 | |
Metrics |
cvssV3_1
|
Wed, 28 Aug 2024 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restriction on the wlan_ssid field. This oversight leads to potential buffer overflow under specific circumstances. For instance, by invoking the formWlanRedirect function with specific parameters to alter wlan_idx's value and subsequently invoking the formWlEncrypt function, an attacker can trigger buffer overflow, enabling arbitrary command execution or denial of service attacks. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-08-28T00:00:00
Updated: 2024-08-28T20:04:26.789Z
Reserved: 2024-05-02T00:00:00
Link: CVE-2024-34195
Vulnrichment
Updated: 2024-08-28T20:03:04.136Z
NVD
Status : Analyzed
Published: 2024-08-28T20:15:07.580
Modified: 2024-08-30T15:59:08.873
Link: CVE-2024-34195
Redhat
No data.