Key Information

Product Information

Vendor: TOTOLINK
Affected Product: X15
Affected Firmware Version: V1.0.0_B20230714:1105
Firmware Download Link: download

Vulnerability Overview

The TOTOLINK X15 router running firmware V1.0.0_B20230714:1105 is affected by a severe buffer overflow vulnerability. This vulnerability can be triggered via the router's endpoint, allowing attackers to perform a Denial-of-Service (DoS) attack by sending malicious HTTP POST requests.

Vulnerability Details

The code contains the following critical issues:

In the function, input data handling is insufficient, leading to a buffer overflow. Specifically, on lines 50 and 51, the use of and lacks boundary checks, which may result in buffer overflow.

POC (Proof of Concept)

Conclusion

This vulnerability enables attackers to trigger a buffer overflow by sending a specific HTTP POST request, potentially causing the router to crash or be compromised. Users are strongly advised to update their firmware as soon as possible to mitigate this risk.
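
The missing boundary check described under Vulnerability Details, shown beside a checked form, as an added example that is not code from the firmware or from this advisory. The page does not name the affected function or the two copy calls, so `strcpy`, the 32-byte `FIELD_MAX`, and the names `copy_field_unchecked`, `copy_field_checked` and `handle_post` are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

#define FIELD_MAX 32   /* assumed size of the handler's fixed buffer */

/* Before (assumed pattern, never called here): copies up to the NUL byte. */
void copy_field_unchecked(char *dst, const char *src)
{
    strcpy(dst, src);  /* no bound: overruns dst once src >= FIELD_MAX bytes */
}

/* After: accept the field only if it and its terminator fit in dst.
 * Returns 0 on success, -1 when the input is missing or too long. */
int copy_field_checked(char *dst, size_t dst_size, const char *src)
{
    size_t len;

    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';                      /* dst is a valid string on every path */
    if (src == NULL)
        return -1;
    for (len = 0; len < dst_size && src[len] != '\0'; len++)
        ;                               /* never scans past dst_size bytes */
    if (len >= dst_size)
        return -1;                      /* reject rather than truncate silently */
    memcpy(dst, src, len + 1);          /* len + 1 copies the terminator too */
    return 0;
}

/* Hypothetical POST handler: both fields must fit or the request is refused. */
int handle_post(const char *field_a, const char *field_b)
{
    char a[FIELD_MAX];
    char b[FIELD_MAX];

    if (copy_field_checked(a, sizeof a, field_a) != 0 ||
        copy_field_checked(b, sizeof b, field_b) != 0)
        return 400;                     /* malformed request, nothing overrun */
    return 200;
}

int main(void)
{
    /* Constructed sample input, not taken from the advisory. */
    return handle_post("admin", "secret") == 200 ? 0 : 1;
}
```

Rejecting an oversized field with an error status, instead of truncating it, also gives the device a clear event to log when a request exceeds the expected length.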