CVE-2024-0294
CVE-2024-0294 affects Totolink LR1200GB (firmware 9.1.0u.6619_B20230130). The vulnerability is in the /cgi-bin/cstecgi.cgi setUssd function, where unsafely handling the ussd parameter enables os command injection. It is exploitable remotely, with public disclosure. The issue is described across m...