CVE-2024-23061 | Totolink A3300R 17.0.0cu.557_B20221024 setScheduleCfg minute command injection

Inserito da Angelo Barbosa | Gen 11, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Totolink A3300R 17.0.0cu.557_B20221024. This issue affects the function setScheduleCfg. The manipulation of the argument minute leads to command injection.

The identification of this vulnerability is CVE-2024-23061. The attack needs to be done within the local network. There is no exploit available.

CVE-2024-23061 | Totolink A3300R 17.0.0cu.557_B20221024 setScheduleCfg minute command injection

Post correlati

CVE-2023-6895 | Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) /php/ping.php jsondata[ip] os command injection

CVE-2024-1697 | Custom WooCommerce Checkout Fields Editor Plugin up to 1.3.1 on WordPress cross site scripting

CVE-2022-36028 | BigBlueButton Greenlight up to 2.12.x Login Page return_to redirect

CVE-2024-1453 | Santesoft Sante DICOM Viewer Pro up to 14.0.3 DICOM File Parser out-of-bounds (icsma-24-058-01)