2 matches found
CVE-2024-22660
The CVE-2024-22660 entry concerns the TOTOLINK A3700R family. A stack overflow vulnerability exists in the setLanguageCfg function, triggered by improper input validation, and affects TOTOLINK A3700R devices (notably version 9.1.2u.6165, build 20211012). The root cause is a buffer/stack overflow ...
CVE-2023-46574
The vulnerability CVE-2023-46574 affects TOTOLINK A3700R (v9.1.2u.6165_20211012). Affected component: UploadFirmwareFile function; root cause: lack of input sanitization in the FileName parameter, enabling remote code execution by an unauthenticated attacker. Impact: remote execution leading to f...