| Titre | TOTOLINK A800R V4.1.2cu.5137_B20200730 Stack-based Buffer Overflow |
|---|
| Description | The TOTOlink A800R router, firmware version V4.1.2cu.5137_B20200730, contains a buffer overflow vulnerability in the setWiFiMultipleConfig interface of /lib/cste_modules/wireless.so. The vulnerability occurs because the wepkey2 parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow, potentially leading to arbitrary code execution or denial of service. |
|---|
| La source | ⚠️ https://github.com/xyh4ck/iot_poc/blob/main/TOTOLINK/A800R/02_Buffer_Overflow_setWiFiMultipleConfig.md |
|---|
| Utilisateur | xuanyu (UID 36103) |
|---|
| Soumission | 12/04/2026 15:43 (il y a 2 mois) |
|---|
| Modérer | 30/04/2026 16:45 (18 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 360313 [code-projects for Plugin 4.1.2cu.5137 /cgi-bin/cstecgi.cgi setWiFiMultipleConfig wepkey2 buffer overflow] |
|---|
| Points | 20 |
|---|