CVE-2024-8576

Name of the Vulnerable Software and Affected Versions: TOTOLINK AC1200 T8 and AC1200 T10 versions 4.1.5cu.861 B20230220 through 4.1.8cu.5207

Description: A critical issue has been found, affecting the function setIpPortFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc leads to a buffer overflow. This issue can be exploited remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted about this disclosure but did not respond.

Recommendations: For TOTOLINK AC1200 T8 and AC1200 T10 versions 4.1.5cu.861 B20230220 through 4.1.8cu.5207, as a temporary workaround, consider disabling the setIpPortFilterRules function until a patch is available. Restrict access to the /cgi-bin/cstecgi.cgi file to minimize the risk of exploitation. Avoid using the argument desc in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.