CVE-2024-7334
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Aug 1, 2024
Updated: Aug 9, 2024
CWE ID 120
Summary
CVE-2024-7334 is a critical vulnerability affecting the TOTOLINK EX1200L in version 9.3.5u.6146_B20201023. This issue lies within the UploadCustomModule function of the /cgi-bin/cstecgi.cgi file, leading to a buffer overflow. The exploit can be initiated remotely, making it a significant threat. The vulnerability has been disclosed publicly, and an identifier, VDB-273257, has been assigned. Regrettably, the vendor was contacted but did not respond to the disclosure.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- TOTOLINK