TOTOLINK CP300+ <=V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the File parameter in the function UploadCustomModule.
The product writes data past the end, or before the beginning, of the intended buffer.
Link | Tags |
---|---|
https://github.com/Archerber/bug_submit/blob/main/TOTOLINK/CP300%2B_4.md | third party advisory exploit |