CVE-2024-1002 - CERT CVE
ID CVE-2024-1002
Sažetak A vulnerability classified as critical was found in Totolink N200RE 9.3.5u.6139_B20201216. Affected by this vulnerability is the function setIpPortFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ePort leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252271. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Reference
CVSS
Base: 8.3
Impact: 10.0
Exploitability:6.4
Pristup
VektorSloženostAutentikacija
NETWORK LOW MULTIPLE
Impact
PovjerljivostCjelovitostDostupnost
COMPLETE COMPLETE COMPLETE
CVSS vektor AV:N/AC:L/Au:M/C:C/I:C/A:C
Zadnje važnije ažuriranje 29-01-2024 - 14:25
Objavljeno 29-01-2024 - 14:15