Daddyshark

**Name of the Vulnerable Software and Affected Versions** H3C GR-5400AX versions up to 100R008 **Description** A critical issue was found in the EditWlanMacList function of the file /routing/goform/aspForm, which can be exploited remotely. The manipulation of the `param` argument leads to a buffer overflow. The exploit has been disclosed to the public. The vendor was contacted about this issue but did not respond. **Recommendations** For H3C GR-5400AX versions up to 100R008, as a temporary workaround, consider disabling the EditWlanMacList function until a patch is available. Restrict access to the /routing/goform/aspForm file to minimize the risk of exploitation. Avoid using the `param` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: TOTOLINK N300RH version 6.1c.1390 B20191101 Description: A critical issue affects the function `CloudACMunualUpdateUserdata` of the file "/cgi-bin/cstecgi.cgi". The manipulation of the `url` argument leads to command injection. This issue can be exploited remotely. Recommendations: For TOTOLINK N300RH version 6.1c.1390 B20191101, as a temporary workaround, consider disabling the `CloudACMunualUpdateUserdata` function until a patch is available. Restrict access to the "/cgi-bin/cstecgi.cgi" file to minimize the risk of exploitation. Avoid using the `url` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK N300RH version 6.1c.1390 B20191101 **Description** A critical vulnerability has been found in the TOTOLINK N300RH router. This issue affects the `setUnloadUserData` function of the `/cgi-bin/cstecgi.cgi` file. The manipulation of the `plugin name` argument leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider disabling the `setUnloadUserData` function until a patch is available. Restrict access to the `/cgi-bin/cstecgi.cgi` file to minimize the risk of exploitation. Avoid using the `plugin name` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK N300RH version 6.1c.1390 B20191101 **Description** A critical vulnerability was found in the function `setUploadUserData` of the file `/cgi-bin/cstecgi.cgi`. The manipulation of the argument `FileName` leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider disabling the `setUploadUserData` function until a patch is available. Restrict access to the `/cgi-bin/cstecgi.cgi` file to minimize the risk of exploitation. Avoid using the `FileName` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: TOTOLINK A702R, A3002R, and A3002RU version 3.0.0-B20230809.1615 Description: A critical issue has been found in the HTTP POST Request Handler component. The problem arises from the manipulation of the `submit-url` argument, leading to a buffer overflow. This can be exploited remotely. The issue affects an unknown function of the file `/boafrm/formSetLg`. Recommendations: For TOTOLINK A702R, A3002R, and A3002RU version 3.0.0-B20230809.1615, consider disabling the HTTP POST Request Handler until a patch is available to prevent remote buffer overflow attacks. Restrict access to the `/boafrm/formSetLg` file to minimize the risk of exploitation. Avoid using the `submit-url` argument in the affected HTTP POST Request Handler until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: TOTOLINK A702R version 3.0.0-B20230809.1615 TOTOLINK A3002R version 3.0.0-B20230809.1615 TOTOLINK A3002RU version 3.0.0-B20230809.1615 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically affecting an unknown functionality of the file /boafrm/formWlanRedirect. The manipulation of the `redirect-url` argument leads to a buffer overflow. This issue can be exploited remotely. Recommendations: For TOTOLINK A702R version 3.0.0-B20230809.1615, consider disabling the HTTP POST Request Handler until a patch is available. For TOTOLINK A3002R version 3.0.0-B20230809.1615, restrict access to the /boafrm/formWlanRedirect file to minimize the risk of exploitation. For TOTOLINK A3002RU version 3.0.0-B20230809.1615, avoid using the `redirect-url` argument in the affected HTTP POST Request Handler until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: TOTOLINK A702R version 3.0.0-B20230809.1615 TOTOLINK A3002R version 3.0.0-B20230809.1615 TOTOLINK A3002RU version 3.0.0-B20230809.1615 Description: A critical issue affects the unknown processing of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of the argument `submit-url` leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Recommendations: For TOTOLINK A702R version 3.0.0-B20230809.1615, consider disabling the HTTP POST Request Handler until a patch is available. For TOTOLINK A3002R version 3.0.0-B20230809.1615, restrict access to the /boafrm/formNtp file to minimize the risk of exploitation. For TOTOLINK A3002RU version 3.0.0-B20230809.1615, avoid using the `submit-url` argument in the affected API endpoint until the issue is resolved. As a temporary workaround, consider disabling the vulnerable component of the HTTP POST Request Handler until a patch is available.