Lucene search
+L

TOTOLINK X5000R setVpnAccountCfg function user parameter command injection vulnerability

🗓️ 17 Jan 2025 00:00:00Reported by China National Vulnerability DatabaseType 
cnvd
 cnvd
🔗 www.cnvd.org.cn👁 12 Views

TOTOLINK X5000R router has a command injection vulnerability in setVpnAccountCfg function's user parameter.

Related
Refs
ReporterTitlePublishedViews
Family
bdu_fstec
The vulnerability of the setVpnAccountCfg() function (/web/cgi-bin/cstecgi.cgi) in the TOTOLINK X5000R router’s microprogramming software allows a attacker to execute arbitrary commands.
4 Feb 202500:00
bdu_fstec
circl
CVE-2024-57016
15 Jan 202516:54
circl
cnnvd
TOTOLINK X5000R 安全漏洞
15 Jan 202500:00
cnnvd
cve
CVE-2024-57016
15 Jan 202500:00
cve
cvelist
CVE-2024-57016
15 Jan 202500:00
cvelist
euvd
EUVD-2024-53489
3 Oct 202520:07
euvd
nvd
CVE-2024-57016
15 Jan 202517:15
nvd
osv
CVE-2024-57016
15 Jan 202517:15
osv
ptsecurity
PT-2025-3382 · Totolink · Totolink X5000R
9 Jan 202500:00
ptsecurity
redhatcve
CVE-2024-57016
23 May 202507:05
redhatcve
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

13 Jun 2025 00:00Current
9.5High risk
Vulners AI Score9.5
CVSS 3.18.8
EPSS0.01573
SSVC
12