| Title | TOTOLINK LR1200GB V9.1.0u.6619_B20230130 Buffer Overflow |
|---|---|
| Description | A vulnerability in TOTOLINK LR1200GB allows remote unauthenticated attackers to become authenticated and can potentially lead to Remote Code Execution due to a stack overflow vulnerability in the web interface. The loginAuth function within the cstecgi.cgi implementation handles the authentication process, parsing parameters such as username, password, verify, flag, and topicurl from the incoming request, and there are some hidden parameters like http_host, which is taken from the client and has a stack buffer overflow that can potentially lead to authentication bypass, and successively we can achieve remote code execution. |
| Source | ⚠️ https://gist.github.com/manishkumarr1017/30bca574e2f0a6d6336115ba71111984 |
| User | manish1017 (UID 63661) |
| Submission | 2024-02-14 04:26 AM (2 years ago) |
| Moderation | 2024-02-22 08:00 PM (9 days later) |
| Status | Duplicate |
| VulDB entry | 254574 [Totolink LR1200GB 9.1.0u.6619_B20230130/9.3.5u.6698_B20230810 Web Interface /cgi-bin/cstecgi.cgi loginAuth http_host memory corruption] |
| Points | 0 |