CVE-2023-46552 — Out-of-bounds Write in X2000r Firmware

Severity

9.8CRITICALNVD

EPSS

0.2%

top 52.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedOct 25

Description

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMultiAP.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

▶NVDtotolink/x2000r_firmware1.0.0-b20230221.0948

GHSA

GHSA-9hvq-rw3f-pq55: TOTOLINK X2000R Gh v1↗2023-10-25

▶

CVEList

CVE-2023-46552: TOTOLINK X2000R Gh v1↗2023-10-25

▶

Exploit-DB

D-Link DIR-846 - Remote Command Execution (RCE) vulnerability↗2023-04-05

▶