CVE-2024-53335

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 21, 2024
Updated: Nov 26, 2024
CWE ID 120

Summary

CVE-2024-53335 represents a Buffer Overflow vulnerability affecting the TOTOLINK A810R V4.1.2cu.5182_B20201026 firmware. The issue is rooted in the 'downloadFile.cgi' component, which lacks adequate bounds checking, allowing an attacker to send specially crafted input that exceeds the intended buffer size. Successful exploitation may lead to arbitrary code execution or system crashes, posing a significant risk to network security. Users are strongly advised to update their devices as soon as a patch becomes available.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share