A vulnerability classified as critical has been found in TOTOLINK A6000R 1.0.1-B20201211.2000. Affected is the function apcli_wps_gen_pincode. The manipulation of the argument ifname leads to command injection.

This vulnerability is traded as CVE-2024-41318. The attack can only be initiated within the local network. There is no exploit available.