CVE-2024-8577

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 8, 2024
Updated: Sep 9, 2024
CWE ID 120

Summary

CVE-2024-8577 is a critical vulnerability affecting the TOTOLINK AC1200 T8 and AC1200 T10 routers, specifically in the setStaticDhcpRules function of the /cgi-bin/cstecgi.cgi file. It can be exploited remotely through a buffer overflow caused by improper handling of the 'desc' argument. The potential impact includes high risks to confidentiality, integrity, and availability, as it could allow unauthorized access to and manipulation of sensitive data. Organizations using the affected products are strongly advised to apply remediation measures immediately, including updating their firmware or disabling vulnerable features until a patch is available. Despite early disclosure to the vendor, no response has been received regarding this issue.
