2 matches found
CVE-2023-37145
TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function...
CVE-2023-37145
TOTOLINK LR350 is affected by a command injection vulnerability tracked as CVE-2023-37145 in version 9.3.5u.6369_B20220309. The issue arises in the setOpModeCfg function through an unsafely handled hostname parameter, enabling potential remote code execution. The NVD entry assigns a CVSS‑3.1 base...