CVE-2022-29642
First published: Wed May 18 2022(Updated: )
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the url parameter in the function setUrlFilterRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Totolink A3100r Firmware | =4.1.2cu.5050_b20200504 | |
| Totolink A3100r Firmware | =4.1.2cu.5247_b20211129 | |
| TOTOLink A3100R |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for TOTOLINK A3100R?
The vulnerability ID for TOTOLINK A3100R is CVE-2022-29642.
What is the severity of CVE-2022-29642?
The severity of CVE-2022-29642 is high, with a severity value of 7.5.
Which software versions are affected by CVE-2022-29642?
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 are affected by CVE-2022-29642.
What is the vulnerability type of CVE-2022-29642?
CVE-2022-29642 is a stack overflow vulnerability.
How can attackers exploit CVE-2022-29642?
Attackers can exploit CVE-2022-29642 by sending a crafted POST request with a malicious URL parameter to cause a Denial of Service (DoS).
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- agent/type
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/totolink
- canonical/totolink a3100r firmware
- version/totolink a3100r firmware/4.1.2cu.5050_b20200504
- version/totolink a3100r firmware/4.1.2cu.5247_b20211129
- canonical/totolink a3100r