CVE-2024-42546

Name of the Vulnerable Software and Affected Versions TOTOLINK A3100R version 4.1.2cu.5050 B20200504

Description The issue is a buffer overflow vulnerability in the password parameter in the loginauth function. This vulnerability can be exploited, but no specific details about the estimated number of potentially affected devices or real-world incidents are provided.

Recommendations For TOTOLINK A3100R version 4.1.2cu.5050 B20200504, as a temporary workaround, consider restricting the use of the loginauth function until a patch is available. Avoid using the password parameter in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.