A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the function
exportOvpn
. The manipulation leads to os command injection.
This vulnerability is traded as CVE-2024-8869. It is possible to launch the attack remotely. There is no exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.