CVE-2024-24326
TOTOLINK A3300R firmware V17.0.0cu.557_B20221024 is affected by a command-injection vulnerability in the setStaticDhcpRules function via the arpEnable parameter. The root cause is insufficient input filtering for constructed command characters, enabling remote command execution with network acces...