CVE-2024-28640
Published: 16 March 2024
Summary
CVE-2024-28640 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Totolink X5000R Firmware. Its CVSS base score is 7.5 (High).
Operationally, it ranks in the top 4.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-28640 is a buffer overflow vulnerability, tracked under CWE-125 as an out-of-bounds read, that affects the TOTOLINK X5000R router running firmware V9.1.0u.6118-B20201102 and the A7000R router running V9.1.0u.6115-B20201022. The flaw resides in the handling of the command field and carries a CVSS 3.1 base score of 7.5, reflecting network-accessible exploitation that requires no credentials or user interaction and results in high impact to availability.
An unauthenticated remote attacker can send a crafted command value to the affected devices, triggering the overflow and causing a denial-of-service condition that disrupts router operation. No authentication or local access is needed, allowing exploitation from anywhere on the network path to the device’s management interface.
Public references point to GitHub repositories documenting the TOTOLINK issues, but they contain no vendor advisory, firmware patch, or mitigation guidance. The EPSS score currently stands at 0.1705 with a recorded peak of 0.1742, indicating moderate and relatively stable exploitation interest since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-25735
Vulnerability details
Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows a remote attacker to cause a denial of service (DoS) via the command field.
- CWE(s): CWE-125 (Out-of-bounds Read)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.