CVE-2024-32353 | Totolink X5000R 9.1.0cu.2350_B20230313 /cgi-bin/cstecgi.cgi setSSServer port command injection

Inserito da Angelo Barbosa | Mag 14, 2024 | CVE

A vulnerability was found in Totolink X5000R 9.1.0cu.2350_B20230313. It has been classified as critical. Affected is the function setSSServer of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument port leads to command injection.

This vulnerability is traded as CVE-2024-32353. The attack needs to be done within the local network. There is no exploit available.

CVE-2024-32353 | Totolink X5000R 9.1.0cu.2350_B20230313 /cgi-bin/cstecgi.cgi setSSServer port command injection

Post correlati

CVE-2024-34643 | Samsung Devices Dressroom access control

CVE-2023-44297 | Dell PowerEdge BIOS 1.4.4 unknown vulnerability (dsa-2023-429)

CVE-2023-52494 | Linux Kernel up to 5.15.148/6.1.75/6.6.14/6.7.2 mhi is_valid_ring_ptr memory corruption

CVE-2024-26023 | Buffalo WSR-A2533DHP2 os command injection