A vulnerability was found in Totolink X5000R 9.1.0cu.2350_B20230313. It has been declared as critical. Affected by this vulnerability is the function
setSSServer
of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument timeout leads to command injection.
This vulnerability is known as CVE-2024-32354. The attack needs to be initiated within the local network. There is no exploit available.