Totolink LR1200GB 9.1.0u.6619_B20230130 /cgi-bin/cstecgi.cgi setParentalRules sTime stack-based overflow

A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130 and classified as critical. Affected by this issue is the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sTime leads to stack-based buffer overflow. Using CWE to declare the problem leads to CWE-121. The weakness was published 01/16/2024. The advisory is available at github.com. This vulnerability is handled as CVE-2024-0574. The attack may be launched remotely. Technical details are available. Furthermore, there is an exploit available. The exploit has been disclosed to the public and may be used. The structure of the vulnerability defines a possible price range of USD $0-$5k at the moment. It is declared as proof-of-concept. The exploit is available at github.com. As 0-day the estimated underground price was around $0-$5k. The vendor was contacted early about this disclosure but did not respond in any way. A possible mitigation has been published before and not just after the disclosure of the vulnerability.

Field01/16/2024 08:11 AM02/03/2024 06:25 PM02/03/2024 06:33 PM
vendorTotolinkTotolinkTotolink
nameLR1200GBLR1200GBLR1200GB
version9.1.0u.6619_B202301309.1.0u.6619_B202301309.1.0u.6619_B20230130
file/cgi-bin/cstecgi.cgi/cgi-bin/cstecgi.cgi/cgi-bin/cstecgi.cgi
functionsetParentalRulessetParentalRulessetParentalRules
argumentsTimesTimesTime
cwe121 (stack-based overflow)121 (stack-based overflow)121 (stack-based overflow)
risk222
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cHHH
cvss3_vuldb_iHHH
cvss3_vuldb_aHHH
cvss3_vuldb_ePPP
cvss3_vuldb_rcRRR
urlhttps://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/4/README.mdhttps://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/4/README.mdhttps://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/4/README.md
availability111
publicity111
urlhttps://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/4/README.mdhttps://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/4/README.mdhttps://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/4/README.md
cveCVE-2024-0574CVE-2024-0574CVE-2024-0574
responsibleVulDBVulDBVulDB
response_summaryThe vendor was contacted early about this disclosure but did not respond in any way.The vendor was contacted early about this disclosure but did not respond in any way.The vendor was contacted early about this disclosure but did not respond in any way.
date1705359600 (01/16/2024)1705359600 (01/16/2024)1705359600 (01/16/2024)
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_ciCCC
cvss2_vuldb_iiCCC
cvss2_vuldb_aiCCC
cvss2_vuldb_ePOCPOCPOC
cvss2_vuldb_rcURURUR
cvss2_vuldb_auSSS
cvss2_vuldb_rlNDNDND
cvss3_vuldb_prLLL
cvss3_vuldb_rlXXX
cvss2_vuldb_basescore9.09.09.0
cvss2_vuldb_tempscore7.77.77.7
cvss3_vuldb_basescore8.88.88.8
cvss3_vuldb_tempscore8.08.08.0
cvss3_meta_basescore8.88.89.1
cvss3_meta_tempscore8.08.08.9
price_0day$0-$5k$0-$5k$0-$5k
cve_assigned1705359600 (01/16/2024)1705359600 (01/16/2024)
cve_nvd_summaryA vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130 and classified as critical. Affected by this issue is the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250790 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130 and classified as critical. Affected by this issue is the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250790 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auS
cvss2_nvd_ciC
cvss2_nvd_iiC
cvss2_nvd_aiC
cvss3_cna_avN
cvss3_cna_acL
cvss3_cna_prL
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cH
cvss3_cna_iH
cvss3_cna_aH
cve_cnaVulDB
cvss2_nvd_basescore9.0
cvss3_nvd_basescore9.8
cvss3_cna_basescore8.8

Might our Artificial Intelligence support you?

Check our Alexa App!