A vulnerability classified as critical has been found in TOTOLINK A6000R 1.0.1-B20201211.2000. Affected is the function
apcli_wps_gen_pincode
. The manipulation of the argument ifname leads to command injection.
This vulnerability is traded as CVE-2024-41318. The attack can only be initiated within the local network. There is no exploit available.