Описание
A vulnerability was found in TOTOLINK A702R 4.0.0-B20211108.1423. This vulnerability affects the function sub_4466F8 of the file /boafrm/formOneKeyAccessButton. Performing manipulation of the argument submit-url results in buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used.
Ссылки
- Broken Link
- Broken Link
- Permissions Required
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:totolink:a702r_firmware:4.0.0-b20211108.1423:*:*:*:*:*:*:*
cpe:2.3:h:totolink:a702r:-:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00143
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-119
EPSS
Процентиль: 35%
0.00143
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-119