cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-8580,https://securityvulnerability.io/vulnerability/CVE-2024-8580,Remote Code Manipulation Vulnerability in TOTOLINK AC1200 T8,"A serious vulnerability has been identified in the TOTOLINK AC1200 T8, specifically within the file '/etc/shadow.sample'. This issue arises from the presence of a hard-coded password, which poses significant security risks. The vulnerability enables remote attackers to manipulate the system, although the complexity and difficulty of exploitation are relatively high. The flaw was publicly disclosed without any response from the vendor, leaving the potential for exploitation open. Users of the affected firmware version are advised to take immediate action to safeguard their networks.",Totolink,Ac1200 T8,8.1,HIGH,0.0020000000949949026,false,false,false,true,true,false,false,2024-09-08T20:31:06.358Z,0
CVE-2024-8579,https://securityvulnerability.io/vulnerability/CVE-2024-8579,Buffer Overflow Vulnerability in TOTOLINK AC1200 T8 WiFi Repeater,"A significant buffer overflow vulnerability exists in the TOTOLINK AC1200 T8, specifically within the setWiFiRepeaterCfg function located in the /cgi-bin/cstecgi.cgi file. This vulnerability allows an attacker to manipulate the 'password' argument, potentially leading to a system crash or unauthorized access. As this exploit can be executed remotely, it poses a considerable risk to users. Although the issue was communicated to TOTOLINK prior to public disclosure, no response was recorded from the vendor, emphasizing the need for users to address their devices' security against potential exploitations.",Totolink,Ac1200 T8,9.8,CRITICAL,0.0020000000949949026,false,false,false,true,true,false,false,2024-09-08T19:31:05.769Z,0
CVE-2024-8578,https://securityvulnerability.io/vulnerability/CVE-2024-8578,Buffer Overflow Vulnerability in TOTOLINK AC1200 T8 4.1.5cu.861 Could Be Remotely Exploited,"A buffer overflow vulnerability has been identified in the TOTOLINK AC1200 T8 router, specifically within the setWiFiMeshName function located in /cgi-bin/cstecgi.cgi. This issue arises from improper handling of the device_name argument, which could allow an attacker to execute arbitrary code. The exploit is capable of being triggered remotely, posing significant risks to network integrity and security. Despite early notification efforts to the vendor regarding this vulnerability, there has been no response, raising concerns about timely mitigation strategies.",Totolink,Ac1200 T8,8.8,HIGH,0.0006699999794363976,false,false,false,true,true,false,false,2024-09-08T19:00:05.992Z,0
CVE-2024-8577,https://securityvulnerability.io/vulnerability/CVE-2024-8577,Buffer Overflow Issue in TOTOLINK AC1200 T8 and T10 Products,"A critical buffer overflow vulnerability has been discovered in the TOTOLINK AC1200 T8 and T10 routers within the setStaticDhcpRules function located in /cgi-bin/cstecgi.cgi. This vulnerability arises from improper handling of input arguments, particularly the 'desc' parameter, leading to potential remote code execution. As the exploit has been publicly disclosed, it poses a significant risk to users of these devices. Security measures should be taken immediately to mitigate potential attacks, which could exploit this flaw without requiring any prior authentication.",Totolink,"Ac1200 T8,Ac1200 T10",8.8,HIGH,0.0006699999794363976,false,false,false,true,true,false,false,2024-09-08T18:31:05.815Z,0
CVE-2024-8576,https://securityvulnerability.io/vulnerability/CVE-2024-8576,Buffer Overflow Vulnerability in TOTOLINK AC1200 T8 and T10 Products,"A significant buffer overflow vulnerability has been identified in the TOTOLINK AC1200 T8 and AC1200 T10 routers, specifically in the setIpPortFilterRules function located within the cgi-bin/cstecgi.cgi file. This vulnerability enables an attacker to manipulate the 'desc' parameter, potentially leading to code execution via a remote attack. The exploit has been publicly disclosed, and even though the vendor was notified prior to the disclosure, no response was received. Users of these routers are advised to take immediate action to secure their devices.",Totolink,"Ac1200 T8,Ac1200 T10",8.8,HIGH,0.0006699999794363976,false,false,false,true,true,false,false,2024-09-08T18:00:06.899Z,0
CVE-2024-8575,https://securityvulnerability.io/vulnerability/CVE-2024-8575,Buffer Overflow Vulnerability in TOTOLINK AC1200 T8 Router,"A critical buffer overflow vulnerability has been identified in the TOTOLINK AC1200 T8 router, specifically in the setWiFiScheduleCfg function of the cstecgi.cgi file. This vulnerability arises from improper handling of the 'desc' argument, allowing attackers to manipulate the memory allocation and execute arbitrary code. The exploit can be initiated remotely, putting devices at significant risk if left unpatched. Despite early disclosure attempts to the vendor, there has been no response. Users of the affected version (4.1.5cu.861_B20230220) are strongly advised to monitor for updates and apply necessary mitigations to protect their devices.",Totolink,Ac1200 T8,8.8,HIGH,0.0006699999794363976,false,false,false,true,true,false,false,2024-09-08T16:31:05.766Z,0
CVE-2024-8574,https://securityvulnerability.io/vulnerability/CVE-2024-8574,Command Injection Vulnerability in TOTOLINK AC1200 T8 Router,"A critical command injection vulnerability has been identified in the TOTOLINK AC1200 T8 router that enables attackers to exploit the 'setParentalRules' function located in the /cgi-bin/cstecgi.cgi file. By manipulating the 'slaveIpList' argument, remote attackers can execute arbitrary operating system commands without the need for authentication. The vulnerability has been publicly disclosed, and despite early contact with the vendor, no response was received. This exploit poses a significant risk to users and requires immediate action to mitigate potential threats.",Totolink,Ac1200 T8,8.8,HIGH,0.0013800000306218863,false,false,false,true,true,false,false,2024-09-08T11:00:06.220Z,0
CVE-2024-8573,https://securityvulnerability.io/vulnerability/CVE-2024-8573,Buffer Overflow Vulnerability in TOTOLINK AC1200 T8 and T10 Routers,"A critical buffer overflow vulnerability has been identified in the TOTOLINK AC1200 T8 and AC1200 T10 routers, specifically within the setParentalRules function located in the cgi-bin/cstecgi.cgi file. This vulnerability can be exploited by manipulating the 'desc' argument, leading to a buffer overflow condition. The nature of this flaw allows for remote exploitation, opening the door for potential attackers to execute arbitrary code. The exploit has already been publicly disclosed, putting users at significant risk. Despite proactive communication regarding this issue, TOTOLINK has not provided a response or mitigation strategy.",Totolink,"Ac1200 T8,Ac1200 T10",8.8,HIGH,0.0006699999794363976,false,false,false,true,true,false,false,2024-09-08T10:00:06.219Z,0
CVE-2024-8079,https://securityvulnerability.io/vulnerability/CVE-2024-8079,Buffer Overflow Vulnerability in TOTOLINK AC1200 T8 4.1.5cu.862,"A vulnerability exists in the TOTOLINK AC1200 T8 router version 4.1.5cu.862_B20230228 that impacts the exportOvpn function, leading to potential buffer overflow attacks. This can be exploited remotely, allowing attackers to manipulate the router's operations without physical access. Despite early notification to the vendor regarding this vulnerability, there has been no response. Users are advised to evaluate their security measures and consider applying necessary patches or updates as they become available.",Totolink,Ac1200 T8,9.8,CRITICAL,0.0008900000248104334,false,false,false,false,,false,false,2024-08-22T21:15:00.000Z,0
CVE-2024-8078,https://securityvulnerability.io/vulnerability/CVE-2024-8078,Buffer Overflow Vulnerability in TOTOLINK AC1200 T8 Router,"A serious vulnerability exists in the TOTOLINK AC1200 T8 router, specifically in the setTracerouteCfg function. This flaw can lead to a buffer overflow, allowing remote attackers to execute arbitrary code on the device. The vulnerability has been confirmed in version 4.1.5cu.862_B20230228, which raises significant security concerns. Despite early notifications sent to the vendor, there has been no response regarding this issue. Network administrators using affected models should prioritize patching this vulnerability to mitigate potential exploitation that could compromise network integrity.",Totolink,Ac1200 T8,9.8,CRITICAL,0.0008900000248104334,false,false,false,false,,false,false,2024-08-22T21:15:00.000Z,0
CVE-2024-8075,https://securityvulnerability.io/vulnerability/CVE-2024-8075,OS Command Injection Vulnerability in TOTOLINK AC1200 T8 Router,"A serious vulnerability has been identified in the TOTOLINK AC1200 T8 router, specifically in its setDiagnosisCfg function. This flaw allows for remote command injection, enabling attackers to execute arbitrary operating system commands through manipulated requests. The potential consequences of this vulnerability are severe, as it could grant unauthorized access to sensitive information and control over the affected device. Despite early communication attempts, the vendor has yet to respond regarding this critical security issue, leaving users at risk. It is crucial for affected users to implement immediate security measures and monitor their devices for suspicious activities.",Totolink,Ac1200 T8,9.8,CRITICAL,0.0008500000112690032,false,false,false,false,,false,false,2024-08-22T20:15:00.000Z,0