CVE-2021-45737

Name of the Vulnerable Software and Affected Versions TOTOLINK A720R version 4.1.5cu.470 B20200911

Description The issue is related to a stack overflow in the Form Login function, allowing attackers to cause a Denial of Service (DoS) via the Host parameter.

Recommendations For TOTOLINK A720R version 4.1.5cu.470 B20200911, as a temporary workaround, consider disabling the Form Login function until a patch is available. Restrict access to the Host parameter in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.