TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiEasyCfg.
The vulnerability (CWE-121) is a stack-based buffer overflow caused by passing an excessively long value of the ssid parameter to the setWiFiEasyCfg function. Lack of proper validation of input data length causes overwriting of stack memory areas, enabling the attacker to execute arbitrary code. The attack can be performed remotely, without authentication and without user interaction.
An attacker can remotely execute arbitrary code (RCE) on the vulnerable router, leading to complete device takeover — loss of confidentiality, integrity, and system availability.
Patches available from the manufacturer should be applied according to references. Until the update is applied, it is recommended to restrict access to the device management interface to trusted networks only and disable remote management over the Internet.
TOTOLINK A3700R with firmware version V9.1.2u.6165_20211012
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTotolink A3700r
HWTotolinkwszystkie wersjeTotolink A3700r Firmware
OSTotolink9.1.2u.6165_20211012
Related vulnerabilities
Buffer overflow w TOTOLINK A3700R — parametr http_host w funkcji loginauth
Buffer overflow w parametrze ssid funkcji setWizardCfg — TOTOLINK A3700R
Stack overflow w TOTOLINK A3700R — funkcja setWizardCfg (ssid5g)
Stack overflow w TOTOLINK A3700R — podatność w funkcji loginAuth
Stack overflow w TOTOLINK A3700R — funkcja setWiFiBasicCfg (ssid)