{"id":22485,"date":"2025-04-13T01:00:02","date_gmt":"2025-04-13T01:00:02","guid":{"rendered":""},"modified":"2025-05-29T11:44:30","modified_gmt":"2025-05-29T17:44:30","slug":"cve-2024-0576-critical-vulnerability-in-totolink-lr1200gb-leading-to-potential-system-compromise","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2024-0576-critical-vulnerability-in-totolink-lr1200gb-leading-to-potential-system-compromise\/","title":{"rendered":"<strong>CVE-2024-0576: Critical Vulnerability in Totolink LR1200GB Leading to Potential System Compromise<\/strong>"},"content":{"rendered":"<p><strong>Overview<\/strong><\/p>\n<p>A critical vulnerability has been discovered in the Totolink LR1200GB 9.1.0u.6619_B20230130, a widely used router model. This vulnerability, identified as CVE-2024-0576, allows malicious actors to exploit a buffer overflow issue in the function setIpPortFilterRules of the file \/cgi-bin\/cstecgi.cgi. The vulnerability is particularly alarming due to its high severity, remote exploitability, and the lack of response from the vendor, putting numerous <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-33113-memory-corruption-vulnerability-leading-to-system-compromise-or-data-leakage\/\"  data-wpil-monitor-id=\"31334\">systems at risk of compromise or data<\/a> leakage.<\/p>\n<p><strong>Vulnerability Summary<\/strong><\/p>\n<p>CVE ID: CVE-2024-0576<br \/>\nSeverity: Critical (CVSS 8.8)<br \/>\nAttack Vector: Network<br \/>\nPrivileges Required: None<br \/>\nUser Interaction: None<br \/>\nImpact: <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-0573-critical-vulnerability-in-totolink-lr1200gb-leading-to-potential-system-compromise\/\"  data-wpil-monitor-id=\"29017\">Potential system<\/a> compromise or data leakage<\/p>\n<p><strong>Affected Products<\/strong><\/p><div id=\"ameeb-2885908046\" class=\"ameeb-content-2 ameeb-entity-placement\"><div style=\"border-left: 4px solid #555; padding-left: 20px; margin: 48px 0; font-family: Roboto, sans-serif; color: #ffffff; line-height: 1.6; max-width: 700px;\">\r\n  <h2 style=\"margin-top: 0; font-size: 20px; font-weight: 600; display: flex; align-items: center;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"display: inline-flex; align-items: center; margin-right: 8px;\">\r\n      <img decoding=\"async\" src=\"https:\/\/www.ameeba.com\/blog\/wp-content\/uploads\/2025\/10\/Best-App-icon-Ameeba.png\" alt=\"Ameeba Chat Icon\" style=\"width: 40px; height: 40px;\" \/>\r\n    <\/a>\r\n    A new way to communicate\r\n  <\/h2>\r\n\r\n  <p style=\"margin-bottom: 12px;\">\r\n    Ameeba Chat is built on encrypted identity, not personal profiles.\r\n  <\/p>\r\n\r\n  <p style=\"margin-bottom: 16px;\">\r\n    Message, call, share files, and coordinate with identities kept separate.\r\n  <\/p>\r\n\r\n  <ul style=\"list-style: none; padding-left: 0; margin-bottom: 20px;\">\r\n    <li>\u2022 Encrypted identity<\/li>\r\n    <li>\u2022 Ameeba Chat authenticates access<\/li>\r\n    <li>\u2022 Aliases and categories<\/li>\r\n    <li>\u2022 End-to-end encrypted chat, calls, and files<\/li>\r\n    <li>\u2022 Secure notes for sensitive information<\/li>\r\n  <\/ul>\r\n\r\n  <p style=\"font-style: italic; font-weight: 600; margin-bottom: 24px;\">\r\n    Private communication, rethought.\r\n  <\/p>\r\n\r\n  <div style=\"display: flex; flex-wrap: wrap; gap: 12px;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\/download\" style=\"background-color: #ffffff; color: #000000; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Download Ameeba Chat<\/a>\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"border: 1px solid #ffffff; color: #ffffff; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Learn More<\/a>\r\n  <\/div>\r\n<\/div>\r\n<\/div>\n<p>Product | Affected Versions<\/p>\n<p><a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-0572-critical-vulnerability-in-totolink-lr1200gb-leading-to-system-compromise\/\"  data-wpil-monitor-id=\"28964\">Totolink LR1200GB<\/a> | 9.1.0u.6619_B20230130<\/p>\n<p><strong>How the Exploit Works<\/strong><\/p>\n<p>The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-2780-critical-arbitrary-file-upload-vulnerability-in-woffice-core-plugin-for-wordpress\/\"  data-wpil-monitor-id=\"27344\">vulnerability lies within the setIpPortFilterRules function of the file<\/a> \/cgi-bin\/cstecgi.cgi. An attacker can manipulate the argument sPort, which leads to a stack-based <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-40714-critical-buffer-overflow-vulnerability-in-iot-devices\/\"  data-wpil-monitor-id=\"25820\">buffer overflow<\/a>. A <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-44250-critical-buffer-overflow-vulnerability-exploit\/\"  data-wpil-monitor-id=\"25823\">buffer overflow<\/a> occurs when more data is written to a buffer than it can handle, leading to the overflow of the extra data into adjacent memory areas. In this case, an attacker can remotely initiate the attack, exploiting the overflow to <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-49589-the-critical-remote-code-execution-vulnerability-targeting-web-based-applications\/\"  data-wpil-monitor-id=\"26030\">execute arbitrary code<\/a>, potentially leading to system compromise or data leakage.<\/p>\n<p><strong>Conceptual Example Code<\/strong><\/p><div id=\"ameeb-2907408955\" class=\"ameeb-content ameeb-entity-placement\"><div class=\"poptin-embedded\" data-id=\"f6b387694f681\"><\/div>\r\n\r\n\r\n\r\n\r\n\r\n<\/div>\n<p>Here is a<br \/>\n<strong>conceptual<\/strong><br \/>\n example of how the <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-50123-exploitable-vulnerability-in-hozard-alarm-system-sms-authentication\/\"  data-wpil-monitor-id=\"34916\">vulnerability might be exploited<\/a>. This could be a crafted <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-4827-critical-buffer-overflow-vulnerability-in-totolink-http-post-request-handler\/\"  data-wpil-monitor-id=\"50942\">HTTP POST request<\/a>:<\/p>\n<pre><code class=\"\" data-line=\"\">POST \/cgi-bin\/cstecgi.cgi HTTP\/1.1\nHost: target.example.com\nContent-Type: application\/x-www-form-urlencoded\nsetIpPortFilterRules=sPort[99999]=malicious_payload<\/code><\/pre>\n<p>In this example, the `sPort` argument is filled with a large quantity of data, leading to a <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-42833-critical-buffer-overflow-vulnerability-in-openssl\/\"  data-wpil-monitor-id=\"26021\">buffer overflow<\/a>. The `malicious_payload` would be the attacker&#8217;s <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-56406-buffer-overflow-vulnerability-in-perl-leading-to-potential-denial-of-service-and-code-execution\/\"  data-wpil-monitor-id=\"33116\">code designed to take advantage of the overflow<\/a> to achieve their goal.<\/p>\n<p><strong>Mitigation Guidance<\/strong><\/p>\n<p>Until the vendor <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-47884-jenkins-openid-connect-provider-plugin-vulnerability-leading-to-unauthorized-access\/\"  data-wpil-monitor-id=\"49993\">provides a patch for this vulnerability<\/a>, users are advised to implement a Web Application Firewall (WAF) or Intrusion Detection System (IDS) as temporary mitigation. These <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-2945-unveiling-the-system-access-vulnerability-in-network-security-protocols\/\"  data-wpil-monitor-id=\"26686\">systems<\/a> can help detect and block attempts to exploit the vulnerability. However, they should not be seen as a permanent solution. Users are encouraged to apply the vendor patch as soon as it becomes available for comprehensive protection.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview A critical vulnerability has been discovered in the Totolink LR1200GB 9.1.0u.6619_B20230130, a widely used router model. This vulnerability, identified as CVE-2024-0576, allows malicious actors to exploit a buffer overflow issue in the function setIpPortFilterRules of the file \/cgi-bin\/cstecgi.cgi. The vulnerability is particularly alarming due to its high severity, remote exploitability, and the lack of [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[],"product":[],"attack_vector":[86],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-22485","post","type-post","status-publish","format-standard","hentry","category-uncategorized","attack_vector-buffer-overflow"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/22485","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=22485"}],"version-history":[{"count":14,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/22485\/revisions"}],"predecessor-version":[{"id":45592,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/22485\/revisions\/45592"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=22485"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=22485"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=22485"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=22485"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=22485"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=22485"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=22485"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=22485"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=22485"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}