PT-2024-22502 · Totolink · Totolink A7000R+1
He Nan · Published 2024-03-15 · Updated 2025-06-27
CVE-2024-28640
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
TOTOLink X5000R version 9.1.0u.6118-B20201102
TOTOLink A7000R version 9.1.0u.6115-B20201022
Description
A buffer overflow allows a remote attacker to cause a denial of service via the command field.
Recommendations
For TOTOLink X5000R version 9.1.0u.6118-B20201102, consider disabling access to the command field until a patch is available.
For TOTOLink A7000R version 9.1.0u.6115-B20201022, restrict access to the command field to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Out of bounds Read
Affected Products
Totolink A7000R
Totolink X5000R