Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow in setStaticDhcpConfig in /lib/cste_modules/lan.so. Attackers can send crafted data in an MQTT packet, via the comment parameter, to control the return address and execute code.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TOTOLINK T10 缓冲区错误漏洞
Vulnerability Description
TOTOLINK T10是中国吉翁电子(TOTOLINK)公司的一款无线网路系统路由器。 TOTOLINK T10_v2 5.9c.5061_B20200511版本存在安全漏洞,该漏洞源于/lib/cste_modules/lan.so 的 setStaticDhcpConfig 中存在基于堆栈的缓冲区溢出,攻击者利用该漏洞可以通过comment参数在MQTT数据包中发送精心设计的数据,以控制返回地址并执行代码。
CVSS Information
N/A
Vulnerability Type
N/A