Name of the Vulnerable Software and Affected Versions:

TOTOLINK X15 version 1.0.0-B20230714.1105

Description:

A critical vulnerability exists in the HTTP POST Request Handler component of the TOTOLINK X15. The vulnerability is a buffer overflow in the `/boafrm/formMultiAPVLAN` file, triggered by manipulating the `submit-url` argument. This allows for a remote attack that can cause a denial of service. The exploit for this issue has been publicly disclosed and may be used.

Recommendations:

TOTOLINK X15 version 1.0.0-B20230714.1105: At the moment, there is no information about a newer version that contains a fix for this vulnerability.