CVE-2022-44258

Description

TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter command in the setTracerouteCfg function.

Related CPE's

o totolink lr350_firmware 9.3.5u.6369_b20220309 *******

h totolink lr350 -*******

References

https://brief-nymphea-813.notion.site/LR350-bof-setTracerouteCfg-cca08814d6b24733ade00b2dae1d4c1a

ExploitThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io