9.1.0U.6369B20230113

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

totolink

CWE-787

NVD

Published: 2023-05-31

Updated: 2023-06-06

Summary

TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a post-authentication buffer overflow via parameter sPort/ePort in the addEffect function.

Vulnerable Configurations

Part	Description	Count
OS	Totolink Totolink X5000R Firmware 9.1.0U.6118_B20201102 Totolink X5000R Firmware 9.1.0U.6369_B20230113	2
Hardware	Totolink Totolink X5000R -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/Kazamayc/vuln/tree/main/TOTOLINK/X5000R/5