Vulnerability Information
Vulnerability Title
N/A
Vulnerability Description
A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `global.so` binary. The `getSaveConfig` function retrieves the `http_host` parameter from user input via `websGetVar` and copies it into a fixed-size stack buffer (`v13`) using `strcpy()` without performing any length checks. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted HTTP request to the router's web interface, potentially leading to arbitrary code execution.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TOTOLINK A950RG Security Vulnerability
Vulnerability Description
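TOTOLINK A950RG is a next-generation Giga wireless router from China's Zioncom Electronics (TOTOLINK). TOTOLINK A950RG version V5.9c.4592_B20191022_ALL contains a security vulnerability caused by a buffer overflow in the global.so binary, which may lead to arbitrary code execution.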
CVSS Information
N/A
Vulnerability Type
N/A
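The mitigation for the unchecked `strcpy()` of `http_host` described above, as an added example that is not the firmware's code: the handler fills its stack buffer only after a bounded length check and refuses oversized values. `get_var`, `copy_bounded`, `get_save_config_checked` and the 64-byte buffer size are assumptions made for illustration; the page does not give the size of `v13`.

```c
#include <stdio.h>
#include <string.h>

#define HOST_BUF_SIZE 64 /* assumed: the page does not state the size of v13 */

/* Constructed sample input standing in for the request's http_host value. */
static const char *g_http_host = "192.168.0.1";

/* Hypothetical stand-in for websGetVar(): returns caller-controlled text. */
static const char *get_var(const char *name, const char *def)
{
    return (strcmp(name, "http_host") == 0 && g_http_host) ? g_http_host : def;
}

/* Bounded copy: scans at most dstsz bytes of src and rejects, rather than
 * truncates, any value that does not fit together with its terminator. */
static int copy_bounded(char *dst, size_t dstsz, const char *src)
{
    size_t n = 0;
    if (dst == NULL || src == NULL || dstsz == 0)
        return -1;
    while (n < dstsz && src[n] != '\0')
        n++;
    if (n == dstsz) {          /* no terminator within the buffer size */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);   /* n + 1 <= dstsz, includes the terminator */
    return (int)n;
}

/* Handler sketch: the advisory's pattern is strcpy(v13, websGetVar(...)).
 * Here the same kind of stack buffer is written only after the check. */
int get_save_config_checked(void)
{
    char host[HOST_BUF_SIZE];
    if (copy_bounded(host, sizeof host, get_var("http_host", "")) < 0)
        return 400;            /* refuse the request */
    return 200;                /* host is NUL-terminated and fits the buffer */
}

int main(void)
{
    printf("status=%d\n", get_save_config_checked());
    return 0;
}
```

Rejecting instead of truncating avoids silently acting on a shortened host value; the return codes here only mimic HTTP status numbers.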