Monthly Archive: May 2022

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c. Date published : 2022-05-10 https://github.com/d1tto/IoT-vuln/tree/main/Totolink/7.UploadCustomModule

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8. Date published : 2022-05-10 https://github.com/d1tto/IoT-vuln/tree/main/Totolink/4.setMacFilterRules

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10. Date published : 2022-05-10 https://github.com/d1tto/IoT-vuln/tree/main/Totolink/8.setIpPortFilterRules

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4. Date published : 2022-05-10 https://github.com/d1tto/IoT-vuln/tree/main/Totolink/6.setWiFiRepeaterConfig

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448. Date published : 2022-05-10 https://github.com/d1tto/IoT-vuln/tree/main/Totolink/1.setWiFiAclAddConfig

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc. Date published : 2022-05-10 https://github.com/d1tto/IoT-vuln/tree/main/Totolink/3.setIpQosRules

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24. Date published : 2022-05-10 https://github.com/d1tto/IoT-vuln/tree/main/Totolink/2.setPortForwardRules

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8. Date published : 2022-05-10 https://github.com/d1tto/IoT-vuln/tree/main/Totolink/5.setStaticDhcpConfig

Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29135, CVE-2022-29150. Date published : 2022-05-10 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29151

Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29135, CVE-2022-29151. Date published : 2022-05-10 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29150

Visual Studio Remote Code Execution Vulnerability. Date published : 2022-05-10 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29148

.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29117. Date published : 2022-05-10 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29145

Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29133. Date published : 2022-05-10 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29142

Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139. Date published : 2022-05-10 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29141