CVE-2024-7180
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
A critical vulnerability, identified as CVE-2024-7180, has been discovered in TOTOLINK A3600R 4.1.2cu.5182_B20201102. The vulnerability affects the setPortForwardRules function of the file /cgi-bin/cstecgi.cgi, specifically due to a buffer overflow caused by manipulating the comment argument. This vulnerability can be exploited remotely and has been publicly disclosed, increasing the potential danger to organizations using this product. Although the vendor was notified about the disclosure, they did not respond. It is important for affected organizations to remediate this vulnerability promptly to mitigate the risk it poses.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.