Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022, allow remote attackers to execute arbitrary code and cause a denial of service (DoS) via the IP field.
The vulnerability results from improper input validation in the IP field (CWE-120 — classic buffer overflow). An attacker can send specially crafted data to the vulnerable field, causing a buffer overflow in the device's memory. The exploit does not require authentication or user interaction, and the attack can be conducted remotely over the network.
An attacker can execute arbitrary code on the device (RCE) or cause it to become unavailable (DoS). In the worst-case scenario, complete takeover of the router is possible.
Apply patches available from the manufacturer according to the references provided. If an update is not available, it is recommended to isolate devices from public network access, disable unnecessary remote management services, and implement firewall rules restricting device access only to trusted IP addresses.
TOTOLINK X5000R with firmware version V9.1.0u.6118-B20201102 and TOTOLINK A7000R with firmware version V9.1.0u.6115-B20201022.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTotolink A7000r
HWTotolinkwszystkie wersjeTotolink A7000r Firmware
OSTotolink9.1.0u.6115_b20201022Totolink X5000r
HWTotolinkwszystkie wersjeTotolink X5000r Firmware
OSTotolink9.1.0u.6118_b20201102
Related vulnerabilities
TOTOLINK X5000R — argument injection w setDiagnosisCfg prowadzący do DoS
Totolink X5000R: auth bypass umożliwiający nieautoryzowany dostęp root przez Telnet
TOTOLINK A7000R – bypass uwierzytelnienia przez formLoginAuth.htm
Command injection w TOTOLINK X5000R — podatność RCE przez parametr 'port'
Stack overflow w TOTOLink A7000R — funkcja setOpModeCfg