CVE-2024-7212
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2024-7212 is a critical vulnerability found in TOTOLINK A7000R 9.1.0u.6268_B20220504. It affects the function loginauth of the file /cgi-bin/cstecgi.cgi and can be exploited remotely. The manipulation of the argument password leads to a buffer overflow. The vendor was notified about this disclosure but did not respond. This vulnerability has been publicly disclosed and poses a high danger to organizations using the affected product, as it allows remote attackers to execute arbitrary code and potentially gain unauthorized access to sensitive information. Remediation measures should be taken promptly to mitigate the risk posed by this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.