5 matches found
CVE-2024-57017
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "pass" parameter in setVpnAccountCfg...
CVE-2024-57017
creationtimestamp| type| source ---|---|--- 2025-01-15 16:54:35+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1793 2025-01-15 17:16:04+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfsbel7etn2j 2025-01-15 18:24:35+00:00| seen|...
CVE-2024-57017
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "pass" parameter in setVpnAccountCfg...
CVE-2024-57017
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "pass" parameter in setVpnAccountCfg...
CVE-2024-57017
Totolink X5000R exposure: OS command injection in setVpnAccountCfg via the pass parameter on firmware V9.1.0cu.2350_B20230313. Root cause appears to be inadequate filtering of input (CNVD entry notes failure to filter constructor special characters/commands). Impact described as arbitrary command...