Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (sub_42F32C function). The web interface reads the "lang" parameter and constructs Help URL strings using sprintf() into fixed-size stack buffers without proper length validation. Maliciously crafted input can overflow these buffers, potentially leading to arbitrary code execution or memory corruption, without requiring authentication.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TOTOLINK LR1200GB 安全漏洞
Vulnerability Description
TOTOLINK LR1200GB是中国吉翁电子(TOTOLINK)公司的一款无线双频 4G LTE 路由器。 ToToLink LR1200GB V9.1.0u.6619_B20230130版本和NR1800X V9.1.0u.6681_B20230703版本存在安全漏洞,该漏洞源于cstecgi.cgi二进制文件中lang参数处理不当,可能导致栈缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A