3 matches found
CVE-2023-48807
In TOTOLINK X6000R V9.4.0cu.852B20230719, the shttpd file, sub4119A0 function obtains fields from the front-end through Uci Set The Str function when passed to the CsteSystem function creates a command execution vulnerability...
CVE-2023-48807
In TOTOLINK X6000R V9.4.0cu.852B20230719, the shttpd file, sub4119A0 function obtains fields from the front-end through Uci Set The Str function when passed to the CsteSystem function creates a command execution vulnerability...
CVE-2023-48807
CVE-2023-48807 affects TOTOLINK X6000R (V9.4.0cu.852_B20230719). The vulnerability is in the shttpd component where sub_4119A0 obtains front-end fields via Uci_Set_The Str and passes them to CsteSystem, enabling command execution. Impact is high (remote attacker network access, no user interactio...