PT-2023-27232 · Totolink · Totolink T10 V2

Korey0Sh1 · Published 2023-08-08 · Updated 2023-08-11 · CVE-2023-40041

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

TOTOLINK T10 v2 version 5.9c.5061 B20200511

Description

The issue is a stack-based buffer overflow in the setWiFiWpsConfig function, located in /lib/cste_modules/wps.so. Attackers can exploit this by sending crafted data in an MQTT packet, specifically via the pin parameter, to control the return address and execute code.

Recommendations

For TOTOLINK T10 v2 version 5.9c.5061 B20200511, as a temporary workaround, consider restricting access to the setWiFiWpsConfig function in /lib/cste_modules/wps.so to minimize the risk of exploitation. Avoid using the pin parameter in the affected MQTT packet until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
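
The bug class described above comes from copying a request field into a fixed-size stack buffer without checking its length. The following is an added example, not code from the vendor firmware or from this advisory, showing how a handler could validate and copy a pin value safely. The function names and the assumption of an 8-digit WPS PIN with a trailing checksum digit are hypothetical choices for illustration.

```c
#include <stdio.h>
#include <string.h>

#define WPS_PIN_LEN 8 /* assumption: 8-digit WPS PIN, last digit is a checksum */

enum pin_status { PIN_OK, PIN_BAD_LENGTH, PIN_NOT_DIGITS, PIN_BAD_CHECKSUM };

/* Validate an untrusted "pin" field. len is the length reported by the
 * message parser, so an oversized field is rejected before it is read. */
enum pin_status wps_pin_check(const char *pin, size_t len)
{
    unsigned int sum = 0;

    if (pin == NULL || len != WPS_PIN_LEN)
        return PIN_BAD_LENGTH;
    for (size_t i = 0; i < WPS_PIN_LEN; i++) {
        if (pin[i] < '0' || pin[i] > '9')
            return PIN_NOT_DIGITS;
        /* WPS checksum: digits weighted 3,1,3,1,... must sum to 0 mod 10 */
        sum += (unsigned int)(pin[i] - '0') * (i % 2 == 0 ? 3u : 1u);
    }
    return sum % 10 == 0 ? PIN_OK : PIN_BAD_CHECKSUM;
}

/* Copy into a fixed buffer only after validation; the copy length is the
 * constant WPS_PIN_LEN, never a value taken from the request. */
enum pin_status wps_pin_store(char *dst, size_t dst_size,
                              const char *pin, size_t len)
{
    enum pin_status st = wps_pin_check(pin, len);

    if (st != PIN_OK)
        return st;
    if (dst == NULL || dst_size < WPS_PIN_LEN + 1)
        return PIN_BAD_LENGTH;
    memcpy(dst, pin, WPS_PIN_LEN);
    dst[WPS_PIN_LEN] = '\0';
    return PIN_OK;
}

int main(void)
{
    char buf[WPS_PIN_LEN + 1];
    char big[512];                       /* constructed oversized field */

    memset(big, '1', sizeof big);
    printf("valid: %d\n", wps_pin_store(buf, sizeof buf, "12345670", 8));
    printf("oversized: %d\n", wps_pin_store(buf, sizeof buf, big, sizeof big));
    return 0;
}
```
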

Exploit

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2023-40041

Affected Products

Totolink T10 V2