TOTOLINK X5000R ipsecL2tpEnable Parameter Code Execution Vulnerability
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A code execution vulnerability exists in the TOTOLINK X5000R ipsecL2tpEnable parameter, which stems from the ipsecL2tpEnable parameter of cstecgi.cgi failing to correctly filter the special elements of the constructed code...