CVE-2024-8869 | TOTOLINK A720R 4.1.5 exportOvpn os command injection

Inserito da Angelo Barbosa | Set 14, 2024 | CVE

A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the function exportOvpn. The manipulation leads to os command injection.

This vulnerability is traded as CVE-2024-8869. It is possible to launch the attack remotely. There is no exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-8869 | TOTOLINK A720R 4.1.5 exportOvpn os command injection

Post correlati

CVE-2023-43279 | tcpreplay 4.4.4 Tcprewrite cidr.c mask_cidr6 null pointer dereference (Issue 824)

CVE-2015-10132 | Thimo Grauerholz WP-Spreadplugin up to 3.8.6.1 on WordPress spreadplugin.php cross site scripting

CVE-2024-3312 | Easy Custom Auto Excerpt Plugin up to 2.4.12 on WordPress information disclosure

CVE-2023-41665 | GiveWP Plugin up to 2.33.0 on WordPress privileges management