Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:23 a.m.9 views

CVE-2023-48804

In TOTOLINK X6000R V9.4.0cu.852B20230719, the shttpd file, sub4119A0 function obtains fields from the front-end through Uci Set The Str function when passed to the CsteSystem function creates a command execution vulnerability...

9.8CVSS7.1AI score0.01536EPSS
Exploits1
Circl
Circl
added 2023/12/21 3:11 p.m.8 views

CVE-2023-48804

creationtimestamp| type| source ---|---|--- 2023-12-21 15:11:31+00:00| seen| https://t.me/ctinow/157731...

9.8CVSS8.7AI score0.01536EPSS
Exploits1References1
NVD
NVD
added 2023/11/30 6:15 p.m.23 views

CVE-2023-48804

In TOTOLINK X6000R V9.4.0cu.852B20230719, the shttpd file, sub4119A0 function obtains fields from the front-end through Uci Set The Str function when passed to the CsteSystem function creates a command execution vulnerability...

9.8CVSS0.01536EPSS
Exploits1References1
CVE
CVE
added 2023/11/30 12:0 a.m.51 views

CVE-2023-48804

Affected product: TOTOLINK X6000R, version 9.4.0cu.852_B20230719. Component/trigger: shttpd, function sub_4119A0; unfiltered front-end fields passed to CsteSystem via Uci_Set_The_Str. Root cause: improper input handling enables command construction and execution when fields reach CsteSystem. Impa...

9.8CVSS9.4AI score0.01536EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/11/30 12:0 a.m.28 views

CVE-2023-48804

In TOTOLINK X6000R V9.4.0cu.852B20230719, the shttpd file, sub4119A0 function obtains fields from the front-end through Uci Set The Str function when passed to the CsteSystem function creates a command execution vulnerability...

9.8AI score0.01536EPSS
Exploits1References1
Rows per page
Query Builder