Fly200503

Name of the Vulnerable Software and Affected Versions: Shenzhen Libituo Technology LBT-T300-T310 versions up to 2.2.3.6 Description: A critical vulnerability has been found in the affected software. This issue affects the `config 3g para` function of the file `/appy.cgi`. The manipulation of the `username 3g` and `password 3g` arguments leads to a buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way. Recommendations: For Shenzhen Libituo Technology LBT-T300-T310 versions up to 2.2.3.6, consider disabling the `config 3g para` function of the file `/appy.cgi` to prevent exploitation until a patch is available. Restrict access to the `username 3g` and `password 3g` parameters in the affected API endpoint to minimize the risk of exploitation. Avoid using the `username 3g` and `password 3g` parameters in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: TOTOLINK N200RE versions 9.3.5u.6095 B20200916 through 9.3.5u.6139 B20201216 Description: A critical issue has been found, affecting the function `sub 41A0F8` of the file `/cgi-bin/cstecgi.cgi`. The manipulation of the argument `Hostname` leads to os command injection. This issue can be exploited remotely. Recommendations: For versions 9.3.5u.6095 B20200916 through 9.3.5u.6139 B20201216, as a temporary workaround, consider restricting access to the `/cgi-bin/cstecgi.cgi` file to minimize the risk of exploitation. Avoid using the `Hostname` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.