Totolink Cp450 Firmware

TOTOLINK CP450 4.1 buf overflow via http_host param in cstecgi.cgi
CVE-2024-7465 9.8 - Critical - August 05, 2024

A vulnerability, which was classified as critical, was found in TOTOLINK CP450 4.1.0cu.747_B20191224. Affected is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-273558 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Classic Buffer Overflow

TOTOLINK CP450 Telnet Service uses hardcoded pwd critical 4.1.0 cu 747
CVE-2024-7332 9.8 - Critical - August 01, 2024

A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as critical. This affects an unknown part of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273255. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Use of Hard-coded Credentials

Command Injection in TOTOLINK CPE CP450 v4.1.0cu.747 via setUpgradeFW
CVE-2024-34204 - May 14, 2024

TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setUpgradeFW function via the FileName parameter.

Command Injection in TOTOLINK CP450 v4.1.0cu download_firmware
CVE-2024-34205 - May 14, 2024

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the download_firmware function.

Command injection in TOTOLINK CP450 v4.1.0cu.747 via setWebWlanIdx CVE-2024-34206
CVE-2024-34206 - May 14, 2024

TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter.

Stack Buffer Overflow in setStaticDhcpConfig of TOTOLINK CP450 4.1.0cu.747
CVE-2024-34207 - May 14, 2024

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setStaticDhcpConfig function.

Buffer Overflow in setIpPortFilterRules (Totolink CP450 v4.1.0cu.747)
CVE-2024-34209 - May 14, 2024

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpPortFilterRules function.

Command Injection in TOTOLINK CP450 v4.1 via CloudACMunualUpdate
CVE-2024-34210 - May 14, 2024

TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the CloudACMunualUpdate function via the FileName parameter.

TOTOLINK CP450 hardcoded root password in /etc/shadow.sample (v4.1.0cu.747_B20191224)
CVE-2024-34211 - May 14, 2024

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.

Stack buffer overflow in TOTOLINK CP450 v4.1.0cu.747 CloudACMunualUpdate
CVE-2024-34212 - May 14, 2024

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the CloudACMunualUpdate function.

TOTOLINK CP450 4.1.0cu.747_B20191224: Stack Bf Overflow in SetPortForwardRules
CVE-2024-34213 - May 14, 2024

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the SetPortForwardRules function.

TOTOLINK CP450 v4.1.0cu.747 stack buf over in setUrlFilterRules
CVE-2024-34215 - May 14, 2024

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setUrlFilterRules function.

TOTOLINK CP450 v4.1.0 Stack Buffer Overflow in addWlProfileClientMode
CVE-2024-34217 - May 14, 2024

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the addWlProfileClientMode function.

Command injection in TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 NTPSyncWithHost
CVE-2024-34218 - May 14, 2024

TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter.

TOTOLINK CP450 4.1.0cu.747 B20191224 Telnet Login Remote Auth Bypass
CVE-2024-34219 - May 14, 2024

TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vulnerability in the SetTelnetCfg function, which allows attackers to log in through telnet.

TOTOLINK CPE CP450 4.1.0cu.747 Stack Buffer Overflow in setIpQosRules
CVE-2024-34200 - May 14, 2024

TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpQosRules function.

TOTOLINK CP450 v4.1.0cu.747 Buffer Overflow in getSaveConfig
CVE-2024-34201 - May 14, 2024

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the getSaveConfig function.

Stack Buffer Overflow in TOTOLINK CP450 v4.1.0cu.747 via setMacFilterRules
CVE-2024-34202 - May 14, 2024

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setMacFilterRules function.

TOTOLINK CP450 4.1.0cu.747 buffer overflow in setLanguageCfg
CVE-2024-34203 - May 14, 2024

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function.