CVE-2022-41526

HIGH

TOTOLINK NR1800X V9.1.0u.6279_B20210910 - Authenticated Stack Overflow via setDiagnosisCfg ip Parameter

Title source: llm

Description

TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the ip parameter in the setDiagnosisCfg function.

References (1)

Core 1

Core References

Exploit, Third Party Advisory

https://brief-nymphea-813.notion.site/NR1800X-bof-setDiagnosisCfg-fcbc55a98e4b4bfbb94db610e666e834

Scores

CVSS v3 8.8

EPSS 0.0039

EPSS Percentile 60.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (1)

totolink/nr1800x_firmware 9.1.0u.6279_b20210910

Published Oct 06, 2022

Tracked Since Feb 18, 2026