CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-7213 – Totolink N350RT HTTP POST Request main stack-based overflow
https://notcve.org/view.php?id=CVE-2023-7213
A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6139_B20201216. Affected by this vulnerability is the function main of the file /cgi-bin/cstecgi.cgi?action=login&flag=1 of the component HTTP POST Request Handler. The manipulation of the argument v33 leads to stack-based buffer overflow. The attack can be launched remotely. • https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N350RT/2/README.md https://vuldb.com/?ctiid.249769 https://vuldb.com/?id.249769 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-7208 – Totolink X2000R_V2 boa formTmultiAP buffer overflow
https://notcve.org/view.php?id=CVE-2023-7208
A vulnerability classified as critical was found in Totolink X2000R_V2 2.0.0-B20230727.10434. This vulnerability affects the function formTmultiAP of the file /bin/boa. The manipulation leads to buffer overflow. VDB-249742 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. • https://github.com/unpWn4bL3/iot-security/blob/main/13.md https://vuldb.com/?ctiid.249742 https://vuldb.com/?id.249742 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-7187 – Totolink N350RT HTTP POST Request stack-based overflow
https://notcve.org/view.php?id=CVE-2023-7187
A vulnerability was found in Totolink N350RT 9.3.5u.6139_B20201216. It has been rated as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. • https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N350RT/1/README.md https://vuldb.com/?ctiid.249389 https://vuldb.com/?id.249389 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-51136
https://notcve.org/view.php?id=CVE-2023-51136
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRebootSchedule. Se descubrió que TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web contenía un desbordamiento de pila a través de la función formRebootSchedule. • https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X2000R/28/1.md https://totolink.cn/home/menu/detail.html?menu_listtpl=download&id=85&ids=36 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-51133
https://notcve.org/view.php?id=CVE-2023-51133
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute. Se descubrió que TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web contenía un desbordamiento de pila a través de la función formRoute. • https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X2000R/26/1.md https://totolink.cn/home/menu/detail.html?menu_listtpl=download&id=85&ids=36 • CWE-787: Out-of-bounds Write •