CVE-2024-42547
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-42547 is a newly disclosed buffer overflow vulnerability affecting firmware version 4.1.2cu.5050_B20200504 of TOTOLINK A3100R routers. The issue lies in the loginauth function, which fails to adequately validate user input in the http_host parameter. An attacker can exploit the vulnerability by sending specially crafted input to the affected device. Successful exploitation could lead to arbitrary code execution, potentially allowing the attacker to gain unauthorized access to the router or launch further attacks on the network. Users are strongly advised to update their TOTOLINK A3100R routers to the latest available firmware to mitigate this risk.