CVE-2024-8579

🗓️ 08 Sep 2024 19:31:05Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 46 Views🌐 WEB

Vulnerability in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 with remote attack vecto

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2024-8579	8 Sep 202422:55	–	circl
CNNVD	TOTOLINK AC1200 安全漏洞	8 Sep 202400:00	–	cnnvd
CNVD	TOTOLINK AC1200 setWiFiRepeaterCfg method password parameter buffer overflow vulnerability	11 Sep 202400:00	–	cnvd
Cvelist	CVE-2024-8579 TOTOLINK AC1200 T8 cstecgi.cgi setWiFiRepeaterCfg buffer overflow	8 Sep 202419:31	–	cvelist
EUVD	EUVD-2024-49282	3 Oct 202520:07	–	euvd
NVD	CVE-2024-8579	8 Sep 202420:15	–	nvd
OSV	CVE-2024-8579	8 Sep 202420:15	–	osv
Positive Technologies	PT-2024-39116 · Totolink · Totolink Ac1200 T8	8 Sep 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-8579	4 Feb 202522:39	–	redhatcve
Vulnrichment	CVE-2024-8579 TOTOLINK AC1200 T8 cstecgi.cgi setWiFiRepeaterCfg buffer overflow	8 Sep 202419:31	–	vulnrichment

NVD

Node

totolink t8_firmwareMatch4.1.5cu.861_b20230220

AND

totolink t8Match-

[
  {
    "vendor": "TOTOLINK",
    "product": "AC1200 T8",
    "versions": [
      {
        "version": "4.1.5cu.861_B20230220",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
totolink	www.totolink.net/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/AC1200T8/setWiFiRepeaterCfg.md

Parameter	Position	Path	Description	CWE
password	request body	/cgi-bin/cstecgi.cgi	Buffer overflow via manipulated password parameter in setWiFiRepeaterCfg call.	CWE-120

10 Sep 2024 15:47Current

8.9High risk

Vulners AI Score8.9

CVSS 3.18.8 - 9.8

CVSS 48.7

CVSS 29

CVSS 38.8

EPSS0.00296

SSVC

CWE-120