cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-7465,https://securityvulnerability.io/vulnerability/CVE-2024-7465,Buffer Overflow in TOTOLINK CP450 Affects Remote Authentication,"A critical vulnerability has been identified in the TOTOLINK CP450 device, specifically within the authentication functionality located in the /cgi-bin/cstecgi.cgi file. This vulnerability arises from improper handling of the 'http_host' argument, enabling a malicious actor to exploit a buffer overflow flaw. The impact of this flaw allows attackers to launch remote access attacks, potentially compromising device security. Despite early disclosures to the vendor, there has been no response, raising concerns about the urgency of patch implementation and user vigilance. Organizations using the affected version are advised to take immediate measures to secure their devices against potential exploits.",Totolink,Cp450,9.8,CRITICAL,0.0025100000202655792,false,false,false,true,true,false,false,2024-08-05T01:31:04.318Z,0
CVE-2024-7332,https://securityvulnerability.io/vulnerability/CVE-2024-7332,Hard-coded Password Vulnerability in TOTOLINK CP450 Telnet Service,"A critical vulnerability has been identified in the TOTOLINK CP450 device, specifically within its Telnet service configuration file, 'product.ini'. The flaw arises from the use of a hard-coded password, which can be leveraged by an attacker to gain unauthorized remote access to the system. This vulnerability poses significant security risks, especially for Internet of Things (IoT) devices, given their often limited security measures. Exploitation of this flaw could lead to unauthorized actions being executed on affected devices. The issue has been publicly disclosed, raising immediate concerns for users of the affected version, particularly without timely vendor responses to mitigate the impact.",Totolink,Cp450,9.8,CRITICAL,0.06449999660253525,false,false,false,true,true,false,false,2024-08-01T00:31:04.452Z,0