CVE-2024-37626

June 20, 2024, 5:15 p.m.

Product(s) Impacted

TOTOLINK A6000R

V1.0.1-B20201211.2000

Description

A command injection issue in TOTOLINK A6000R V1.0.1-B20201211.2000 firmware allows a remote attacker to execute arbitrary code via the iface parameter in the vif_enable function.

Weaknesses

Date

Published: June 20, 2024, 5:15 p.m.

Last Modified: June 20, 2024, 5:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

http://a6000r.com

cve@mitre.org

https://github.com/lakemoon602/vuln/blob/main/totolink/TOTOlink%20A6000R%20vif_enable.md

cve@mitre.org

https://www.totolink.net/

cve@mitre.org

CVE-2024-37626

Tags

Product(s) Impacted

Description

Weaknesses

Date

Status : Received

Source

References

Share