CVE-2024-32352

2024-05-1416:17:03

[email protected]

web.nvd.nist.gov

totolink x5000r

v9.1.0cu.2350_b20230313

remote command execution

cstecgi.cgi binary

authenticated

ipsecl2tpenable .

7.5 High

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

JSON

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the “ipsecL2tpEnable” parameter in the “cstecgi.cgi” binary.

References

github.com/1s1and123/Vulnerabilities/blob/main/device/ToToLink/X5000R/TOTOLink_X5000R_RCE.md

www.totolink.net/