CVE-2025-28029

TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in cstecgi.cgi

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://locrian-lightning-dc7.notion.site/BufferOverflow5-1978e5e2b1a28043af78e5ccfc0203a0
https://locrian-lightning-dc7.notion.site/CVE-2025-28023-CVE-2025-28029-BufferOverflow5-1978e5e2b1a28043af78e5ccfc0203a0

Configurations

No configuration.

History

23 Apr 2025, 15:15

Type	Values Removed	Values Added
References		() https://locrian-lightning-dc7.notion.site/CVE-2025-28023-CVE-2025-28029-BufferOverflow5-1978e5e2b1a28043af78e5ccfc0203a0 -
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.3
CWE		CWE-121

23 Apr 2025, 14:08

Type	Values Removed	Values Added
Summary		(es) Se descubrió que TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128 y A3100R V4.1.2cu.5247_B20211129 contenían una vulnerabilidad de desbordamiento de búfer en cstecgi.cgi.

22 Apr 2025, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-22 18:15

Updated : 2025-04-23 15:15

NVD link : CVE-2025-28029

Mitre link : CVE-2025-28029

CVE.ORG link : CVE-2025-28029

JSON object : View

Products Affected

No product.

CWE

CWE-121

Stack-based Buffer Overflow

7.3 /10