
Targeting Vulnerabilities in TOTOLINK Routers Using AI-Powered Binary Analysis

admin

Last week, a series of memory corruption CVEs affecting an old TOTOLINK router were discovered, prompting a test of PRIZM ZERO, an automated vulnerability discovery tool. The team found opportunities to identify vulnerabilities by analyzing the cstecgi.cgi binary. PRIZM ZERO employs binary analysis scripts to pinpoint bug candidates, reducing an initial 236 findings to 35 through triaging and deduplication. During the review, several true positives were mapped to existing CVEs, highlighting issues like buffer overflows in various functions, but one CVE (CVE-2025-5902) was notably missing due to differences in firmware. The experiment revealed areas for improvement in the tool’s analysis capabilities, particularly around fine-tuning the detection of complex bug classes and optimizing the deduplication process. Overall, the findings underscore the consistent security shortcomings in TOTOLINK devices and emphasize the tool’s potential for enhancing vulnerability discovery. PRIZM ZERO continues to evolve, seeking participant feedback for further refinement.
