First published: Tue Sep 06 2022(Updated: )
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable Buffer Overflow via the hostname parameter in binary /bin/boa.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Totolink A3002r Firmware | =1.1.1-b20200824.0128 | |
TOTOLINK A3002R |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-40112 refers to a vulnerability found in TOTOLINK A3002R firmware version 1.1.1-b20200824.0128, which allows for a buffer overflow via the hostname parameter in binary /bin/boa.
CVE-2022-40112 has a severity rating of 7.5 (High).
CVE-2022-40112 affects TOTOLINK A3002R firmware version 1.1.1-b20200824.0128 by allowing a buffer overflow attack via the hostname parameter in binary /bin/boa.
To fix CVE-2022-40112, it is recommended to update the TOTOLINK A3002R firmware to a version that is not vulnerable.
You can find more information about CVE-2022-40112 at the following reference link: [GitHub - TOTOLINK A3002R CVE-2022-40112](https://github.com/1759134370/iot/blob/main/TOTOLINK/A3002R/3.md).