2 matches found
CVE-2024-42747
In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...
CVE-2024-42747
CVE-2024-42747 – TOTOLINK X5000r : A command-injection in /cgi-bin/cstecgi.cgi (setWanIeCfg) on TOTOLINK X5000r v9.1.0cu.2350_b20230313 allows authenticated attackers to execute arbitrary commands. The vulnerability stems from insufficient input validation in the affected function. Exploitation c...