CVE-2023-36340

EUVD-2023-40308
TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
Affected Products (NVD)
VendorProductVersion
totolinknr1800x_firmware
9.1.0u.6279_b20210910:u.6279_b20210910
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/Archerber/bug_submit/blob/main/TOTOLINK/TOTOLINK-NR1800X.md
https://github.com/Archerber/bug_submit/blob/main/TOTOLINK/TOTOLINK-NR1800X.md