3 matches found
CVE-2023-24157
A command injection vulnerability in the serverIp parameter in the function updateWifiInfo of TOTOLINK T8 V4.1.5cu allows attackers to execute arbitrary commands via a crafted MQTT packet...
CVE-2023-24157
A command injection vulnerability in the serverIp parameter in the function updateWifiInfo of TOTOLINK T8 V4.1.5cu allows attackers to execute arbitrary commands via a crafted MQTT packet...
CVE-2023-24157
The CVE-2023-24157 entry concerns TOTOLINK T8 devices where the serverIp parameter in the updateWifiInfo function is vulnerable to command injection. A crafted MQTT packet can trigger arbitrary command execution, impacting confidentiality, integrity, and availability. Multiple sources (NVD, Red H...