CVE-2023-45985

Name of the Vulnerable Software and Affected Versions TOTOLINK X5000R version 9.1.0u.6118 B20201102 TOTOLINK A7000R version 9.1.0u.6115 B20201022

Description The issue is related to a stack overflow in the setParentalRules function, which can be exploited by attackers to cause a Denial of Service (DoS) via a crafted POST request. This vulnerability allows remote attackers to disrupt the service by sending a specially crafted request.

Recommendations For TOTOLINK X5000R version 9.1.0u.6118 B20201102, consider disabling the setParentalRules function until a patch is available. For TOTOLINK A7000R version 9.1.0u.6115 B20201022, consider disabling the setParentalRules function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.