Filtered by vendor Totolink Subscriptions
Filtered by product Ex200 Subscriptions
Total 21 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-7335 1 Totolink 2 Ex200, Ex200 Firmware 2024-08-09 8.8 High
A vulnerability classified as critical has been found in TOTOLINK EX200 4.0.3c.7646_B20201211. Affected is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-273258 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.