What is the severity of CVE-2024-28639?

CVE-2024-28639 is classified as a high severity vulnerability due to its potential to allow remote code execution and denial of service.

How do I fix CVE-2024-28639?

To fix CVE-2024-28639, update the firmware of your TOTOLINK X5000R and A7000R devices to the latest versions.

Which devices are affected by CVE-2024-28639?

CVE-2024-28639 affects the TOTOLINK X5000R firmware version 9.1.0u.6118-B20201102 and A7000R firmware version 9.1.0u.6115-B20201022.

What can attackers achieve with CVE-2024-28639?

Attackers can exploit CVE-2024-28639 to execute arbitrary code on affected devices and potentially cause a denial of service.

Is CVE-2024-28639 patched in later firmware versions?

Yes, later firmware versions released after 9.1.0u.6118-B20201102 and 9.1.0u.6115-B20201022 should contain patches for CVE-2024-28639.

Vulnerability/
CVE-2024-28639

critical

9.8

CWE

119 120

EPSS

0.043%

16/3/2024

16/12/2024

CVE-2024-28639: Buffer Overflow

First published: Sat Mar 16 2024(Updated: )

Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022, allow remote attackers to execute arbitrary code and cause a denial of service (DoS) via the IP field.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
All of
TOTOLINK X5000R firmware	=9.1.0u.6118_b20201102
TOTOLINK X5000R firmware
All of
TOTOLINK A7000R firmware	=9.1.0u.6115_b20201022
TOTOLINK A7000R firmware

Never miss a vulnerability like this again

Reference Links

https://github.com/ZIKH26/CVE-information/blob/master/TOTOLINK/Vulnerability%20Information_1.md

Frequently Asked Questions

What is the severity of CVE-2024-28639?
CVE-2024-28639 is classified as a high severity vulnerability due to its potential to allow remote code execution and denial of service.
How do I fix CVE-2024-28639?
To fix CVE-2024-28639, update the firmware of your TOTOLINK X5000R and A7000R devices to the latest versions.
Which devices are affected by CVE-2024-28639?
CVE-2024-28639 affects the TOTOLINK X5000R firmware version 9.1.0u.6118-B20201102 and A7000R firmware version 9.1.0u.6115-B20201022.
What can attackers achieve with CVE-2024-28639?
Attackers can exploit CVE-2024-28639 to execute arbitrary code on affected devices and potentially cause a denial of service.
Is CVE-2024-28639 patched in later firmware versions?
Yes, later firmware versions released after 9.1.0u.6118-B20201102 and 9.1.0u.6115-B20201022 should contain patches for CVE-2024-28639.

agent/references
agent/description
agent/first-publish-date
agent/type
agent/author
agent/event
collector/epss-latest
source/FIRST
agent/epss
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/severity
agent/source
agent/tags
agent/softwarecombine
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/totolink
canonical/totolink x5000r firmware
version/totolink x5000r firmware/9.1.0u.6118_b20201102
canonical/totolink a7000r firmware
version/totolink a7000r firmware/9.1.0u.6115_b20201022

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.