Unpwn4Bl3

**Name of the Vulnerable Software and Affected Versions** Totolink X2000R V2 version 2.0.0-B20230727.10434 **Description** A critical vulnerability was found in the Totolink X2000R V2, affecting the function `formTmultiAP` of the file `/bin/boa`. The manipulation leads to buffer overflow. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For Totolink X2000R V2 version 2.0.0-B20230727.10434, as a temporary workaround, consider disabling the `formTmultiAP` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Totolink A7100RU version 7.4cu.2313 B20191024 **Description** A critical issue has been found in the function `main` of the file `/cgi-bin/cstecgi.cgi?action=login` of the component HTTP POST Request Handler. The manipulation of the argument `flag` leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Totolink A7100RU version 7.4cu.2313 B20191024, as a temporary workaround, consider disabling the `main` function of the `/cgi-bin/cstecgi.cgi?action=login` endpoint until a patch is available. Restrict access to the vulnerable HTTP POST Request Handler component to minimize the risk of exploitation. Avoid using the `flag` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Totolink A7100RU version 7.4cu.2313 B20191024 **Description** A critical issue was found in the function `main` of the file `/cgi-bin/cstecgi.cgi?action=login` of the component HTTP POST Request Handler. The manipulation of the argument `flag` with the input `ie8` leads to buffer overflow. It is possible to launch the attack remotely. The issue is related to the copying of a buffer without checking the size of the input data, which may allow an attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For Totolink A7100RU version 7.4cu.2313 B20191024, as a temporary workaround, consider disabling the `main` function of the `/cgi-bin/cstecgi.cgi?action=login` file until a patch is available. Restrict access to the HTTP POST Request Handler to minimize the risk of exploitation. Avoid using the `flag` argument with the input `ie8` in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.