CVE-2024-46451
Published: 16 September 2024
Summary
CVE-2024-46451 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in Totolink T8 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 5.0% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
Deeper analysis
The vulnerability CVE-2024-46451 is a buffer overflow (CWE-120) in the TOTOLINK AC1200 T8 router firmware version v4.1.5cu.861_B20230220. It resides in the setWiFiAclRules function and is triggered via the desc parameter, resulting in a CVSS 3.1 score of 9.8 that reflects unauthenticated network access with full impacts on confidentiality, integrity, and availability.
An unauthenticated remote attacker can send a crafted request to the affected function over the network to trigger the overflow, enabling arbitrary code execution or denial of service that fully compromises the device. The current and peak EPSS score of 0.1619 indicates moderate and stable exploitation interest since disclosure.
A technical write-up with reproduction details is published at the referenced GitHub repository, but no vendor advisory, firmware patch, or mitigation steps are documented in the available references.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-41842
Vulnerability details
TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in web function setWiFiAclRules enables remote code execution on public-facing router web interface.
Affected Assets
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Platform-independent managed code eliminates the need for unchecked native buffer copies that are the root cause of classic buffer overflows.