PT-2024-1361 · Totolink · Totolink N200Re

Chun-Li Lin · Published 2024-01-26 · Updated 2024-05-17 · CVE-2024-0942

CVSS v3.1: 4.3 Medium

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Totolink N200RE V5 version 9.3.5u.6255 B20211224

Description: The issue is in the /cgi-bin/cstecgi.cgi file of the Totolink N200RE router's firmware and concerns incorrect session expiration. Manipulation of an unknown function in this file leads to incorrect session expiration, which can allow a remote attacker to disclose protected information. The attack can be launched remotely.

Recommendations: For Totolink N200RE V5 version 9.3.5u.6255 B20211224, consider restricting access to the /cgi-bin/cstecgi.cgi file as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

Insufficient Session Expiration

Related Identifiers

BDU:2024-00815
CVE-2024-0942

Affected Products

Totolink N200Re