| Titel | TOTOLINK A800R V4.1.2cu.5137_B20200730 Stack-based Buffer Overflow |
|---|
| Beschreibung | The TOTOlink A800R router, firmware version V4.1.2cu.5137_B20200730, contains a buffer overflow vulnerability in the setWiFiMultipleConfig interface of /lib/cste_modules/wireless.so. The vulnerability occurs because the wepkey2 parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow, potentially leading to arbitrary code execution or denial of service. |
|---|
| Quelle | ⚠️ https://github.com/xyh4ck/iot_poc/blob/main/TOTOLINK/A800R/02_Buffer_Overflow_setWiFiMultipleConfig.md |
|---|
| Benutzer | xuanyu (UID 36103) |
|---|
| Einreichung | 12.04.2026 15:43 (vor 2 Monaten) |
|---|
| Moderieren | 30.04.2026 16:45 (18 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 360313 [code-projects for Plugin 4.1.2cu.5137 /cgi-bin/cstecgi.cgi setWiFiMultipleConfig wepkey2 Pufferüberlauf] |
|---|
| Punkte | 20 |
|---|