CVE-2024-8579

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 8, 2024
Updated: Sep 10, 2024
CWE ID 120

Summary

CVE-2024-8579 is a critical vulnerability affecting the TOTOLINK AC1200 T8 router, specifically in the setWiFiRepeaterCfg function of the file /cgi-bin/cstecgi.cgi, which allows for a buffer overflow through argument manipulation. The vulnerability can be exploited remotely without requiring user interaction or high privileges, posing significant risks to an organization's confidentiality, integrity, and availability. Remediation involves updating to a secure firmware version; however, the vendor has not responded to early disclosure attempts regarding this issue. The exploit has been publicly disclosed, increasing the likelihood of attacks. Its CVSS score is 8.8, indicating a high severity that necessitates prompt attention from affected users.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share