CVE-2024-1001

Name of the Vulnerable Software and Affected Versions Totolink N200RE version 9.3.5u.6139 B20201216

Description A critical vulnerability has been found, affecting the main function of the /cgi-bin/cstecgi.cgi file. This issue leads to a stack-based buffer overflow, which can be exploited remotely. The vulnerability may impact the confidentiality, integrity, and availability of protected information.

Recommendations For Totolink N200RE version 9.3.5u.6139 B20201216, as a temporary workaround, consider disabling the main function of the /cgi-bin/cstecgi.cgi file until a patch is available. Restrict access to the /cgi-bin/cstecgi.cgi file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.