CVE-2023-49418

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 11, 2023

Updated: Dec 13, 2023

CWE ID 787

Summary

CVE-2023-49418 is a newly discovered vulnerability affecting the TOTOLink A7000R router in version V9.1.0u.6115_B20201022. The issue involves a stack overflow, which can be triggered through the setIpPortFilterRules function. Successful exploitation could lead to a denial-of-service condition or potentially allow an attacker to execute arbitrary code with the privileges of the affected router component. Users are advised to apply the latest security updates from TOTOLink to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

TOTOLINK

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tlE1jQ
https://www.cve.org/CVERecord?id=CVE-2023-49418
https://nvd.nist.gov/vuln/detail/CVE-2023-49418

Back to Vulnerability Database

CVE-2023-49418

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations