The vulnerability of the setSyslogCfg() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK X5000R router’s microprogramming software allows a intruder to execute any command they desire.
The vulnerability of the setSyslogCfg function /cgi-bin/cstecgi.cgi in the TOTOLINK X5000R router’s microprogramming software exists because measures to neutralize the special elements used in the operating system commands have not been taken. Exploiting this vulnerability allows a remote attacke...