Stack Overflow Vulnerability in TOTOLINK X5000R and A7000R Routers via http_host Parameter

Stack Overflow Vulnerability in TOTOLINK X5000R and A7000R Routers via http_host Parameter

CVE-2023-36950 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.

Learn more about our Web Application Penetration Testing UK.