Lucene search

CVE-2024-7336

🗓️ 01 Aug 2024 03:01:15Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 54 Views🌐 WEB

Vulnerability in TOTOLINK EX200 4.0.3c.7646_B2020121

Reporter	Title	Published	Views	Family All 4
NVD	CVE-2024-7336	1 Aug 202403:15	–	nvd
RedhatCVE	CVE-2024-7336	5 Feb 202511:58	–	redhatcve
Cvelist	CVE-2024-7336 TOTOLINK EX200 cstecgi.cgi loginauth buffer overflow	1 Aug 202402:31	–	cvelist
Vulnrichment	CVE-2024-7336 TOTOLINK EX200 cstecgi.cgi loginauth buffer overflow	1 Aug 202402:31	–	vulnrichment

Nvd

Node

totolink ex200_firmwareMatch4.0.3c.7646_b20201211

AND

totolink ex200Match-

[
  {
    "vendor": "TOTOLINK",
    "product": "EX200",
    "versions": [
      {
        "version": "4.0.3c.7646_B20201211",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/EX200/loginauth.md
vuldb	www.vuldb.com/

Parameter	Position	Path	Description	CWE
http_host	query param	/cgi-bin/cstecgi.cgi	Buffer overflow vulnerability in the loginauth function caused by improper handling of the http_host parameter.	CWE-120

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

01 Aug 2024 03:15Current

8.9High risk

Vulners AI Score8.9

CVSS29

CVSS38.8

CVSS48.7

EPSS0.00427

SSVC

CWE-120