CVE-2023-48812
CVE-2023-48812 affects TOTOLINK X6000R with firmware V9.4.0cu.852_B20230719. The shttpd sub_4119A0 routine collects front-end fields and, via Uci_Set_ and Str, passes input to CsteSystem, yielding a remote command execution vulnerability. Reported impact is high (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U...