提交 #600734: TOTOLINK A3002R V1.1.1-B20200824.0128 Stack-based Buffer Overflow信息

标题TOTOLINK A3002R V1.1.1-B20200824.0128 Stack-based Buffer Overflow
描述We found an stack overflow vulnerability in TOTOLINK router with firmware which was released recently, allows remote attackers to crash the server.In the router's formDhcpv6s function, dnsaddr、interfacenameds、addrPoolStart、addrPoolEnd is directly passed by the attacker, If this part of the data is too long, it will cause the stack overflow, so we can control the dnsaddr、interfacenameds、addrPoolStart、addrPoolEnd to execute arbitrary code.
来源⚠️ https://github.com/wudipjq/my_vuln/blob/main/totolink3/vuln_41/41.md
用户
 pjq123 (UID 86618)
提交2025-06-19 17時54分 (1 年前)
管理2025-06-21 08時00分 (2 days later)
状态重复
VulDB条目309666 [TOTOLINK A3002R 4.0.0-B20230531.1404 formDhcpv6s interfacenameds 内存损坏]
积分0

Might our Artificial Intelligence support you?

Check our Alexa App!