CVE-2022-36464 — Out-of-bounds Write in A3700r Firmware

Severity

7.8HIGHNVD

EPSS

0.1%

top 78.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 25

Latest updateAug 26

Description

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

▶NVDtotolink/a3700r_firmware9.1.2u.6134_b20201202

GHSA

GHSA-373f-fj9q-cmrg: TOTOLINK A3700R V9↗2022-08-26

▶

CVEList

CVE-2022-36464: TOTOLINK A3700R V9↗2022-08-25

▶