CVE-2024-0296
Totolink N200RE v9.3.5u.6139_B20201216 is affected by OS command injection in the NTPSyncWithHost function of /cgi-bin/cstecgi.cgi. The vulnerability stems from improper handling of the host_time parameter, enabling remote command execution. Public exploit/disclosure exists. Affected product: Tot...