CVE-2024-7465

NVD Published Date: August 05, 2024 at 02:16 AM
NVD Last Modified: August 15, 2024 at 01:11 PM
Download Patch
Vulnerability ID
CVE-2024-7465
Severity
CRITICAL
Severity Score
9.8
Summary
A vulnerability, which was classified as critical, was found in TOTOLINK CP450 4.1.0cu.747_B20191224. Affected is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-273558 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Mitigation and Patches
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE ID
CWE-120

Recent Publish

CVE-2024-7468

CVE-2024-7467

CVE-2024-7469

CVE-2024-7470

CVE-2024-39838

CVE-2024-41889

See SecOps Solution
in action

Schedule Demo