TOTOLINK.Devices.Password.Parameter.Buffer.Overflow
Description
This indicates an attack attempt against a stack overflow vulnerability in TOTOLINK devices.
The vulnerability is a result of the application's failure to properly sanitize user input. A remote attacker can send a crafted HTTP request to overflow the stack-based buffer. Successful exploitation could lead to the execution of arbitrary code.
Affected Products
TOTOLINK LR1200GB V9.1.0u.6619_B20230130
TOTOLINK LR350 V9.3.5u.6698_B20230810
TOTOLINK A3100R V4.1.2cu.5050_B20200504
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are unaware of any vendor-supplied patch for this issue.
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2025-03-06 | 31.966 | Modified | Sig Added |
| 2025-02-27 | 31.962 | Modified | Name:TOTOLINK.LR1200GB.cstecgi.Buffer.Overflow:TOTOLINK.Devices.Password.Parameter.Buffer.Overflow |
| 2024-07-22 | 28.830 | Modified | Name:TOTOLINK.LR1200GB.cstecgi.Stack.Overflow:TOTOLINK.LR1200GB.cstecgi.Buffer.Overflow |
| 2024-05-21 | 27.790 | Modified | Name:TOTOLINK.LR1200GB.password.Field.Stack.Overflow:TOTOLINK.LR1200GB.cstecgi.Stack.Overflow |
| 2024-04-09 | 27.763 | Modified | Default_action:pass:drop |
| 2024-04-01 | 27.758 | New | |