Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2024-04921
HistoryJan 11, 2024 - 12:00 a.m.

TOTOLINK N350RT password parameter buffer overflow vulnerability

2024-01-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
totolink n350rt
buffer overflow
loginauth
remote attacker
arbitrary code
denial of service
cnvd

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

51.4%

The TOTOLINK N350RT is a small home router from China’s Gion Electronics (TOTOLINK). The TOTOLINK N350RT suffers from a buffer overflow vulnerability that originates from the failure of the password parameter of the loginAuth function on the /cgi-bin/cstecgi.cgi page to correctly validate the length of the input data, which can be exploited by a remote attacker to execute arbitrary code on the system or cause a denial of service attack.

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

51.4%

Related for CNVD-2024-04921