CVE-2024-36650

HIGH Year: 2024
CVSS v3 Score
7.5
High
Weakness Type
CWE-120
View all →

Vulnerability Description

TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to a buffer overflow, allowing attackers to construct malicious HTTP or MQTT requests to cause a denial-of-service attack.

Related Vulnerabilities

CVE-2012-6122

HIGH
CVSS:7.5(High)

Buffer overflow in the thread scheduler in Chicken before 4.8.0.1 allows attackers to cause a denial of service (crash) by opening a file descriptor with a large integer value.

CWE-1202012

CVE-2013-4357

HIGH
CVSS:7.5(High)

The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service.

CWE-1202013

CVE-2016-8714

HIGH
CVSS:7.5(High)

An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in...

CWE-1202016

CVE-2017-13319

HIGH
CVSS:7.5(High)

In pvmp3_get_main_data_size of pvmp3_get_main_data_size.cpp, there is a possible buffer overread due to a missing bounds check. This could lead to remote information disclosure of global static variab...

CWE-1202017

CVE-2017-15134

HIGH
CVSS:7.5(High)

A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attac...

CWE-1202017

CVE-2017-2851

HIGH
CVSS:7.5(High)

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can cause a buffer overflow.

CWE-1202017