CVE-2024-42547

TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:totolink:a3100r_firmware:4.1.2cu.5050_b20200504:*:*:*:*:*:*:*
cpe:2.3:h:totolink:a3100r:-:*:*:*:*:*:*:*

History

13 Aug 2024, 17:08

Type Values Removed Values Added
First Time Totolink
Totolink a3100r Firmware
Totolink a3100r
CPE cpe:2.3:o:totolink:a3100r_firmware:4.1.2cu.5050_b20200504:*:*:*:*:*:*:*
cpe:2.3:h:totolink:a3100r:-:*:*:*:*:*:*:*
References () https://github.com/noahze01/IoT-vulnerable/blob/main/TOTOLink/A3100R/loginauth.md - () https://github.com/noahze01/IoT-vulnerable/blob/main/TOTOLink/A3100R/loginauth.md - Exploit, Third Party Advisory

13 Aug 2024, 15:35

Type Values Removed Values Added
CWE CWE-120
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8

13 Aug 2024, 12:58

Type Values Removed Values Added
Summary
  • (es) TOTOLINK A3100R V4.1.2cu.5050_B20200504 tiene una vulnerabilidad de desbordamiento del búfer en el parámetro http_host en la función loginauth.

12 Aug 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-12 19:15

Updated : 2024-08-13 17:08


NVD link : CVE-2024-42547

Mitre link : CVE-2024-42547

CVE.ORG link : CVE-2024-42547


JSON object : View

Products Affected

totolink

  • a3100r_firmware
  • a3100r
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')