2 matches found
CVE-2023-29802
TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function...
CVE-2023-29802
TOTOLINK X18 firmware V9.1.0cu.2024_B20220329 contains a critical command-injection vulnerability in setDiagnosisCfg (ip parameter). CVSS 3.1: 9.8 (CRITICAL), Network, No auth, No user interaction; impacts Confidentiality, Integrity, Availability. Connected sources indicate a PoC exists and autom...