CVE-2023-51136

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 30, 2023
Updated: Jan 5, 2024
CWE ID 787

Summary

CVE-2023-51136 is a newly identified vulnerability affecting the TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web firmware. The issue stems from a stack overflow in the function formRebootSchedule, which can be exploited by malicious actors to cause denial-of-service conditions or potentially execute arbitrary code. Successful exploitation requires user interaction, typically through a web interface. This vulnerability poses a risk to the confidentiality, integrity, and availability of affected systems and requires immediate attention from users and administrators to apply the necessary patches.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share