CVE-2024-8576

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published: Sep 8, 2024
Updated: Sep 9, 2024
CWE ID: 120

Summary

CVE-2024-8576 is a critical vulnerability affecting the TOTOLINK AC1200 T8 and AC1200 T10 routers, specifically in the setIpPortFilterRules function located in the /cgi-bin/cstecgi.cgi file. The vulnerability allows for remote exploitation via a buffer overflow caused by manipulation of the 'desc' argument, posing significant risks to an organization's data integrity and confidentiality. Affected products can be remediated by applying available patches or updates from the vendor, although no response has been received from TOTOLINK regarding this disclosure. The vulnerability has a high base score of 8.8 on the CVSS scale, indicating that it requires low privileges and user interaction for exploitation. Organizations using these routers should prioritize mitigation efforts due to the potential for severe impacts on network security.
