Improper Handling of Parameters

CVE-2024-31808

High

8.8/10

Summary

TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the webWlanIdx parameter in the setWebWlanIdx function.

Attack Complexity: LOW
Attack Vector: ADJACENT_NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-233 - Improper Handling of Parameters

The software does not properly handle when the expected number of parameters, fields, or arguments is not provided in input, or if those parameters are undefined.

References

Advisory Timeline

Published Apr 08, 2024

Improper Handling of Parameters

CVE-2024-31808

Summary

CWE-233 - Improper Handling of Parameters

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS