Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
TOTOLINK N200RE V5 Validity_check format string
Vulnerability Description
A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But the impact is to bypass the validation which leads to to OS command injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238635.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
使用外部控制的格式字符串
Vulnerability Title
TOTOLINK N200RE 格式化字符串错误漏洞
Vulnerability Description
TOTOLINK N200RE是中国吉翁电子(TOTOLINK)公司的一个路由器。 TOTOLINK N200RE V5 9.3.5u.6437_B20230519版本存在格式化字符串错误漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。
CVSS Information
N/A
Vulnerability Type
N/A