CVE-2024-7334

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 1, 2024
Updated: Aug 9, 2024
CWE ID 120

Summary

CVE-2024-7334 is a critical vulnerability affecting the TOTOLINK EX1200L in version 9.3.5u.6146_B20201023. This issue lies within the UploadCustomModule function of the /cgi-bin/cstecgi.cgi file, leading to a buffer overflow. The exploit can be initiated remotely, making it a significant threat. The vulnerability has been disclosed publicly, and an identifier, VDB-273257, has been assigned. Regrettably, the vendor was contacted but did not respond to the disclosure.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share