CVE-2024-41318 | TOTOLINK A6000R 1.0.1-B20201211.2000 apcli_wps_gen_pincode ifname command injection

Inserito da Angelo Barbosa | Lug 22, 2024 | CVE

A vulnerability classified as critical has been found in TOTOLINK A6000R 1.0.1-B20201211.2000. Affected is the function apcli_wps_gen_pincode. The manipulation of the argument ifname leads to command injection.

This vulnerability is traded as CVE-2024-41318. The attack can only be initiated within the local network. There is no exploit available.

CVE-2024-41318 | TOTOLINK A6000R 1.0.1-B20201211.2000 apcli_wps_gen_pincode ifname command injection

Post correlati

CVE-2024-31929 | Polevaultweb Intagrate Lite Plugin up to 1.3.7 on WordPress cross site scripting

CVE-2024-35659 | KiviCare Plugin up to 3.6.2 on WordPress authorization

CVE-2023-48694 | azure-rtos usbx up to 6.2.1 type confusion (GHSA-qjw8-7w86-44qj)

CVE-2024-28275 | Puwell Cloud Tech 360Eyes Pro 3.9.5.16(3090516) cleartext transmission