Today > 5 Critical | 7 High | 33 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-52723

Nov. 22, 2024, 4:15 p.m.

Product(s) Impacted

TOTOLINK X6000R

  • V9.4.0cu.1041_B20240224

Description

In TOTOLINK X6000R V9.4.0cu.1041_B20240224 in the shttpd file, the Uci_Set Str function is used without strict parameter filtering. An attacker can achieve arbitrary command execution by constructing the payload.

Weaknesses

Date

Published: Nov. 22, 2024, 4:15 p.m.

Last Modified: Nov. 22, 2024, 4:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References