Totolink · Totolink A7000R · CVE-2026-6168
Name of the Vulnerable Software and Affected Versions
TOTOLINK A7000R versions up to 9.1.0u.6115
Description
A stack-based buffer overflow exists in the `setWiFiEasyGuestCfg()` function in the `/cgi-bin/cstecgi.cgi` file. Manipulating the `ssid5g` argument triggers the overflow, allowing remote attackers to execute code.
Recommendations
Avoid using the `ssid5g` parameter in the `setWiFiEasyGuestCfg()` function within the `/cgi-bin/cstecgi.cgi` file to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.