TOTOLink Vulnerability Vendor: TOTOLink Product: A7000R Version: V9.1.0u.6115_B20201022 Vulnerability Type: Stack Overflow Author: Chuanhao Wan Institution: Huazhong University of Science and Technology (HUST) Vulnerability Cause In the function, the parameter is obtained via and passed to the function for decoding. The function does not check the length of the input string, leading to a buffer overflow if the is too long. This causes a Denial of Service (DoS) attack. PoC Result The target router crashes and cannot provide services correctly and persistently.