Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary (sub_401EE0 function). The binary reads the /proc/stat file using fgets() into a local buffer and subsequently parses the line using sscanf() into a single-byte variable with the %s format specifier. Maliciously crafted /proc/stat content can overwrite adjacent stack memory, potentially allowing an attacker with filesystem write privileges to execute arbitrary code on the device.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TOTOLINK A720R 安全漏洞
Vulnerability Description
TOTOLINK A720R是中国吉翁电子(TOTOLINK)公司的一款无线路由器。 TOTOLINK A720R V4.1.5cu.614_B20230630版本存在安全漏洞,该漏洞源于sysconf二进制文件中存在栈缓冲区溢出,可能导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A