CVE-2024-36783 | Totolink LR350 9.3.5u.6369_B20220309 NTPSyncWithHost host_time command injection

Inserito da Angelo Barbosa | Giu 3, 2024 | CVE

A vulnerability was found in Totolink LR350 9.3.5u.6369_B20220309. It has been rated as critical. Affected by this issue is the function NTPSyncWithHost. The manipulation of the argument host_time leads to command injection.

This vulnerability is handled as CVE-2024-36783. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-36783 | Totolink LR350 9.3.5u.6369_B20220309 NTPSyncWithHost host_time command injection

Post correlati

CVE-2024-5391 | itsourcecode Online Student Enrollment System 1.0 listofsubject.php subjcode sql injection

CVE-2024-21038 | Oracle Complex Maintenance, Repair, and Overhaul up to 12.2.13 LOV Remote Code Execution

CVE-2024-29786 | Google Android link_rx_pktproc.c pktproc_fill_data_addr_without_bm out-of-bounds write

CVE-2024-6885 | MaxiBlocks Plugin up to 1.9.2 on WordPress denial of service