CVE-2023-33485

Name of the Vulnerable Software and Affected Versions TOTOLINK X5000R versions V9.1.0u.6118 B20201102 through V9.1.0u.6369 B20230113

Description The issue is a post-authentication buffer overflow that occurs via the sPort/ePort parameter in the addEffect function.

Recommendations For TOTOLINK X5000R versions V9.1.0u.6118 B20201102 through V9.1.0u.6369 B20230113, consider disabling the addEffect function as a temporary workaround until a patch is available. Restrict access to the sPort and ePort parameters in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.