CVE-2021-45736

Name of the Vulnerable Software and Affected Versions TOTOLINK X5000R version 9.1.0u.6118 B20201102

Description A stack overflow was discovered in the setL2tpServerCfg function, allowing attackers to cause a Denial of Service (DoS) via the eip, sip, server parameters.

Recommendations For TOTOLINK X5000R version 9.1.0u.6118 B20201102, consider disabling the setL2tpServerCfg function as a temporary workaround to minimize the risk of exploitation. Restrict access to the parameters eip, sip, and server to prevent potential attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.