CVE-2024-7177

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jul 29, 2024
CWE ID 120

Summary

CVE-2024-7177 is a critical vulnerability found in TOTOLINK A3600R 4.1.2cu.5182_B20201102, specifically in the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. This vulnerability allows for buffer overflow through the manipulation of the langType argument, potentially enabling remote attacks. The exploit has been publicly disclosed and there has been no response from the vendor. The vulnerability has a CVSS score of 9.0, indicating a high level of danger to organizations affected by this product.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share