7Oca
CVE-2023-7222 | Totolink X2000R 1.0.0-B20221212.1452 HTTP POST Request /bin/boa formTmultiAP submit-url buffer overflow
A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the functionformTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow.
This vulnerability was named CVE-2023-7222. The attack can be initiated remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
