korey0sh1

3 exploits Active since Aug 2023
CVE-2023-40041 WRITEUP CRITICAL WORKING POC
Totolink T10 V2 Firmware - Out-of-Bounds Write
TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow in setWiFiWpsConfig in /lib/cste_modules/wps.so. Attackers can send crafted data in an MQTT packet, via the pin parameter, to control the return address and execute code.
CVSS 9.8
CVE-2023-40042 WRITEUP CRITICAL WORKING POC
Totolink T10 V2 Firmware - Out-of-Bounds Write
TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow in setStaticDhcpConfig in /lib/cste_modules/lan.so. Attackers can send crafted data in an MQTT packet, via the comment parameter, to control the return address and execute code.
CVSS 9.8
CVE-2023-40915 WRITEUP HIGH WRITEUP
Tenda AX3 <16.03.12.11 - Buffer Overflow
Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detected at function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid parameter.
CVSS 7.5