{"id":22489,"date":"2025-04-13T05:01:00","date_gmt":"2025-04-13T05:01:00","guid":{"rendered":""},"modified":"2025-05-05T18:16:01","modified_gmt":"2025-05-05T18:16:01","slug":"cve-2024-0578-critical-buffer-overflow-vulnerability-in-totolink-lr1200gb","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2024-0578-critical-buffer-overflow-vulnerability-in-totolink-lr1200gb\/","title":{"rendered":"CVE-2024-0578: Critical Buffer Overflow Vulnerability in Totolink LR1200GB<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The cybersecurity landscape is continually evolving, with new vulnerabilities being discovered and exploited by hackers on a daily basis. One such critical vulnerability has been identified in the popular networking product, Totolink LR1200GB, which has the potential to compromise systems or leak sensitive data. This vulnerability, termed CVE-2024-0578, pertains to the function UploadCustomModule in the file \/cgi-bin\/cstecgi.cgi and can be exploited remotely<\/a>, causing serious security concerns for users of the affected product.
\nThe severity of this issue is underscored by its CVSS Severity Score of 8.8, marking it as a critical threat<\/a>. It’s noteworthy that the vendor was contacted regarding this disclosure at an early stage, however, they did not respond, which could have implications for the speed at which a patch or fix is rolled out.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2024-0578
\nSeverity: Critical (8.8 CVSS Score)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: Potential system<\/a> compromise or data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n