8.8

CVE-2022-41524

Exploit
TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the week, sTime, and eTime parameters in the setParentalRules function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
TotolinkNr1800x Firmware Version9.1.0u.6279_b20210910
   TotolinkNr1800x Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.87% 0.539
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://brief-nymphea-813.notion.site/NR1800X-bof-setParentalRules-0da79b5ce7d44212b275a33b77935a42
Third Party Advisory
Exploit