CVE-2024-57018 | TOTOLINK X5000R 9.1.0cu.2350_B20230313 setVpnAccountCfg desc os command injection

Inserito da Angelo Barbosa | Gen 15, 2025 | CVE

A vulnerability, which was classified as critical, has been found in TOTOLINK X5000R 9.1.0cu.2350_B20230313. Affected by this issue is the function setVpnAccountCfg. The manipulation of the argument desc leads to os command injection.

This vulnerability is handled as CVE-2024-57018. The attack may be launched remotely. There is no exploit available.

CVE-2024-57018 | TOTOLINK X5000R 9.1.0cu.2350_B20230313 setVpnAccountCfg desc os command injection

Post correlati

CVE-2024-12907 | Kentico CMS 7 GET Request Parameter AccessDenied.aspx cross site scripting

CVE-2023-49113 | Kiuwan SAST prior master.1808.p685.q13371 optimyth-insight.jar cleartext storage

CVE-2024-24698 | Zoom Desktop Client improper authentication

CVE-2024-23301 | Relax-and-Recover up to 2.7 information disclosure (Issue 3122)