N/A

TOTOlink A3600R v5.9c.4959 contains a buffer overflow vulnerability in the setAppEasyWizardConfig interface of /lib/cste_modules/app.so. The vulnerability occurs because the rootSsid parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow, potentially leading to arbitrary code execution or denial of service.

N/A

N/A

TOTOLINK A3600R 安全漏洞

TOTOLINK A3600R是中国吉翁电子（TOTOLINK）公司的一款 6 天线 1200M 无线路由器。 TOTOlink A3600R v5.9c.4959版本存在安全漏洞，该漏洞源于/lib/cste_modules/app.so中setAppEasyWizardConfig接口的rootSsid参数长度验证不当，可能导致远程攻击者触发缓冲区溢出，从而执行任意代码或导致拒绝服务。

N/A

N/A