CVE-2024-34218 | Totolink CP450 4.1.0cu.747_B20191224 Request NTPSyncWithHost hostTime command injection

Inserito da Angelo Barbosa | Mag 9, 2024 | CVE

A vulnerability classified as critical has been found in Totolink CP450 4.1.0cu.747_B20191224. This affects the function NTPSyncWithHost of the component Request Handler. The manipulation of the argument hostTime leads to command injection.

This vulnerability is uniquely identified as CVE-2024-34218. The attack needs to be initiated within the local network. There is no exploit available.

CVE-2024-34218 | Totolink CP450 4.1.0cu.747_B20191224 Request NTPSyncWithHost hostTime command injection

Post correlati

CVE-2024-6110 | itsourcecode Magbanua Beach Resort Online Reservation System up to 1.0 controller.php image unrestricted upload

CVE-2024-4143 | HP PC AMI BIOS Privilege Escalation

CVE-2024-2365 | Musicshelf 1.0/1.1 on Android SHA-1 PinningTrustManager.java weak password hash

CVE-2024-35299 | JetBrains YouTrack prior 2024.1.29548 SMTPS certificate validation