Lucene search

MitreCVE-2024-42520

HistoryAug 12, 2024 - 3:15 p.m.

CVE-2024-42520

2024-08-1215:15:21

CWE-120

mitre

web.nvd.nist.gov

totolink a3002r

buffer overflow

bin boa

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

Low

EPSS

0.009

Percentile

83.1%

JSON

TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability in /bin/boa via formParentControl.

Affected configurations

Nvd

Node

totolinka3002r_firmwareMatch4.0.0-b20230531.1404

AND

totolinka3002rMatch-

VendorProductVersionCPE
totolinka3002r_firmware4.0.0-b20230531.1404cpe:2.3:o:totolink:a3002r_firmware:4.0.0-b20230531.1404:*:*:*:*:*:*:*
totolinka3002r-cpe:2.3:h:totolink:a3002r:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
totolink	a3002r_firmware	4.0.0-b20230531.1404	cpe:2.3:o:totolink:a3002r_firmware:4.0.0-b20230531.1404:::::::*
totolink	a3002r	-	cpe:2.3:h:totolink:a3002r:-:::::::*

References

github.com/c10uds/totolink_A3002R_stackoverflow

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

Low

EPSS

0.009

Percentile

83.1%

JSON

Related for CVE-2024-42520