3 matches found
TotoLink Router setPortForwardRules - Command Injection
TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setPortForwardRules function. id: CVE-2024-24329 info: name: TotoLink Router setPortForwardRules - Command Injection author: pussycat0x severity: critical description...
CVE-2024-24329
creationtimestamp| type| source ---|---|--- 2024-01-30 16:22:10+00:00| seen| https://t.me/ctinow/176043 2024-02-01 08:16:32+00:00| seen| https://t.me/ctinow/177364 2024-02-22 08:08:04+00:00| seen| https://t.me/ctinow/190519 2025-02-12 09:28:20+00:00| seen|...
CVE-2024-24329
The CVE-2024-24329 entry concerns TOTOLINK A3300R, affected firmware V17.0.0cu.557_B20221024. The vulnerability is a command injection in the setPortForwardRules function, exploitable via the enable parameter which is insufficiently filtered, allowing an attacker to execute arbitrary OS commands....