CVE-2023-51027

2023-12-2200:00:00

mitre

www.cve.org

totolink

ex1800t

unauthorized command execution

setwifiextenderconfig

cstecgi .cgi

9.7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.0%

JSON

TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi.

References

815yang.github.io/2023/12/11/EX1800T/2/3/TOTOlinkEX1800T_V9.1.0cu.2112_B20220316setWiFiExtenderConfig-apcliAuthMode/