Details of VAR-202407-2421

ID

VAR-202407-2421

CVE

CVE-2024-7213

TITLE

TOTOLINK of a7000r Classic buffer overflow vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2024-004995

DESCRIPTION

A vulnerability, which was classified as critical, was found in TOTOLINK A7000R 9.1.0u.6268_B20220504. Affected is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272784. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of a7000r Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK A7000R is a wireless router produced by China's TOTOLINK Electronics. There is a buffer overflow vulnerability in the TOTOLINK A7000R 9.1.0u.6268_B20220504 version. The vulnerability is caused by the ssid parameter in the setWizardCfg function of the /cgi-bin/cstecgi.cgi page failing to correctly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack

Trust: 2.16

sources: NVD: CVE-2024-7213 // JVNDB: JVNDB-2024-004995 // CNVD: CNVD-2024-36755

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2024-36755

AFFECTED PRODUCTS

vendor:	totolink	model:	a7000r	scope:	eq	version:	9.1.0u.6268_b20220504	Trust: 1.0
vendor:	totolink	model:	a7000r	scope:	eq	version:	a7000r firmware 9.1.0u.6268 b20220504	Trust: 0.8
vendor:	totolink	model:	a7000r	scope:	eq	version:	-	Trust: 0.8
vendor:	totolink	model:	a7000r	scope:	-	version:	-	Trust: 0.8
vendor:	totolink	model:	a7000r 9.1.0u.6268 b20220504	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2024-36755 // JVNDB: JVNDB-2024-004995 // NVD: CVE-2024-7213

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2024-7213
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2024-7213
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2024-004995
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2024-36755
value:	HIGH
Trust: 0.6

cna@vuldb.com:	CVE-2024-7213
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
OTHER:	JVNDB-2024-004995
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2024-36755
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2024-7213
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	JVNDB-2024-004995
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2024-36755 // JVNDB: JVNDB-2024-004995 // NVD: CVE-2024-7213 // NVD: CVE-2024-7213

PROBLEMTYPE DATA

problemtype:	CWE-120	Trust: 1.0
problemtype:	Classic buffer overflow (CWE-120) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-004995 // NVD: CVE-2024-7213

EXTERNAL IDS

db:	NVD	id:	CVE-2024-7213	Trust: 3.2
db:	VULDB	id:	272784	Trust: 1.8
db:	JVNDB	id:	JVNDB-2024-004995	Trust: 0.8
db:	CNVD	id:	CNVD-2024-36755	Trust: 0.6

sources: CNVD: CNVD-2024-36755 // JVNDB: JVNDB-2024-004995 // NVD: CVE-2024-7213

REFERENCES

url:	https://github.com/abcdefg-png/iot-vulnerable/blob/main/totolink/a7000r/setwizardcfg.md	Trust: 1.8
url:	https://vuldb.com/?id.272784	Trust: 1.8
url:	https://vuldb.com/?submit.378313	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2024-7213	Trust: 1.4
url:	https://vuldb.com/?ctiid.272784	Trust: 1.0

sources: CNVD: CNVD-2024-36755 // JVNDB: JVNDB-2024-004995 // NVD: CVE-2024-7213

SOURCES

db:	CNVD	id:	CNVD-2024-36755
db:	JVNDB	id:	JVNDB-2024-004995
db:	NVD	id:	CVE-2024-7213

LAST UPDATE DATE

2024-08-29T23:14:07.398000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2024-36755	date:	2024-08-28T00:00:00
db:	JVNDB	id:	JVNDB-2024-004995	date:	2024-08-08T01:13:00
db:	NVD	id:	CVE-2024-7213	date:	2024-08-06T14:07:30.757

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2024-36755	date:	2024-08-23T00:00:00
db:	JVNDB	id:	JVNDB-2024-004995	date:	2024-08-08T00:00:00
db:	NVD	id:	CVE-2024-7213	date:	2024-07-30T03:15:01.817