Hijin0925

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3100R versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129 **Description** The issue is related to a stack overflow via the `comment` parameter in the `setIpQosRules` function, allowing attackers to cause a Denial of Service (DoS) via a crafted POST request to the affected API endpoint. **Recommendations** For versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129, consider disabling the `setIpQosRules` function until a patch is available to prevent exploitation. Restrict access to the vulnerable `comment` parameter in the `setIpQosRules` function to minimize the risk of Denial of Service (DoS) attacks.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3100R versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129 **Description** A command injection issue was discovered via the `magicid` parameter in the `uci cloudupdate config` function. This allows for potential exploitation. **Recommendations** For TOTOLINK A3100R versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129, consider restricting access to the `uci cloudupdate config` function until a patch is available. Avoid using the `magicid` parameter in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3100R versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129 **Description** The issue is related to a stack overflow via the `comment` parameter in the `setPortForwardRules` function, allowing attackers to cause a Denial of Service (DoS) via a crafted POST request. **Recommendations** For versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129, consider disabling the `setPortForwardRules` function until a patch is available to prevent exploitation. Restrict access to the vulnerable function to minimize the risk of Denial of Service (DoS) attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3100R versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129 **Description** The issue is related to a stack overflow via the `startTime` and `endTime` parameters in the `setParentalRules` function, allowing attackers to cause a Denial of Service (DoS) via a crafted POST request to the affected API endpoint. **Recommendations** For versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129, consider disabling the `setParentalRules` function as a temporary workaround to prevent exploitation. Restrict access to the API endpoint that accepts `startTime` and `endTime` parameters to minimize the risk of Denial of Service (DoS) attacks.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3100R versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129 **Description** A stack overflow issue was discovered via the `url` parameter in the `setUrlFilterRules()` function, allowing attackers to cause a Denial of Service (DoS) via a crafted POST request to the `/api` endpoint, although the exact endpoint is not specified. **Recommendations** For versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129, consider disabling the `setUrlFilterRules()` function as a temporary workaround until a patch is available. Restrict access to the `url` parameter in the affected function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3100R versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129 **Description** The issue is a stack overflow that occurs via the `macAddress` parameter in the `setMacQos` function, allowing attackers to cause a Denial of Service (DoS) via a crafted POST request to the affected API endpoint. **Recommendations** For versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129, consider disabling the `setMacQos` function or restricting access to the `macAddress` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3100R versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129 **Description** A hard-coded password for the telnet service was found in the `/web cste/cgi-bin/product.ini` component. This issue affects the telnet service, where a hard-coded password is stored, potentially allowing unauthorized access. **Recommendations** For versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129, consider disabling the telnet service until a patch is available to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOTOLINK A3100R version V4.1.2cu.5050 B20200504 TOTOLINK A3100R version V4.1.2cu.5247 B20211129 **Description** An access control issue allows attackers to obtain sensitive information via a crafted web request. **Recommendations** For TOTOLINK A3100R version V4.1.2cu.5050 B20200504, update to a version that addresses the access control issue. For TOTOLINK A3100R version V4.1.2cu.5247 B20211129, update to a version that addresses the access control issue. As a temporary workaround, consider restricting access to sensitive information until a patch is available.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR816L versions FW206b01 **Description** The issue is related to the getcfg.php component and is caused by errors in the code. It allows attackers to access the device by using a specially crafted payload. **Recommendations** For D-Link DIR816L version FW206b01, consider restricting access to the getcfg.php component until a patch is available. As a temporary workaround, avoid using the getcfg.php component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR816L versions prior to FW206b01 **Description** The issue is related to insufficient access control in the software of D-Link DIR816L routers. This allows remote attackers to access sensitive folders, specifically "folder view.php" and "category view.php". **Recommendations** For D-Link DIR816L versions prior to FW206b01, update to a version that includes the necessary security patches to fix the access control issue. As a temporary workaround, consider restricting access to the "folder view.php" and "category view.php" folders to minimize the risk of exploitation.