| Название | Totolink EX1800T V9.1.0cu.2112_B20220316 Stack-based Buffer Overflow |
|---|
| Описание | TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a stack-based buffer overflow vulnerability. This vulnerability afferts the setPasswordCfg interface of the file cstecgi.cgi. The manipulation of the argument 'admpass' leads to buffer overflow. This vulnerability don't need to login, due to insufficient input validation and sanitization, an attacker can exploit this flaw by input malicious data through the admpass field. Successful exploitation allows the attacker to get shell or cause ddos.
|
|---|
| Источник | ⚠️ https://github.com/kn0sky/cve/blob/main/TOTOLINK%20EX1800T/Stack-based%20Buffer%20Overflow%2002%20setPasswordCfg-_admpass.md |
|---|
| Пользователь | selph (UID 82377) |
|---|
| Представление | 06.03.2025 08:39 (1 Год назад) |
|---|
| Модерация | 16.03.2025 13:52 (10 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 299868 [TOTOLINK EX1800T до 9.1.0cu.2112_B20220316 /cgi-bin/cstecgi.cgi setPasswordCfg admpass повреждение памяти] |
|---|
| Баллы | 20 |
|---|