CVE-2024-8869 | TOTOLINK A720R 4.1.5 exportOvpn os command injection

Inserito da Angelo Barbosa | Set 14, 2024 | CVE

A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the function exportOvpn. The manipulation leads to os command injection.

This vulnerability is traded as CVE-2024-8869. It is possible to launch the attack remotely. There is no exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-8869 | TOTOLINK A720R 4.1.5 exportOvpn os command injection

Post correlati

CVE-2024-2159 | Social Sharing Plugin up to 3.3.60 on WordPress Shortcode Attribute cross site scripting

CVE-2024-30194 | WP Sunshine Sunshine Photo Cart Plugin up to 3.1.1 on WordPress cross site scripting

CVE-2024-35768 | Live Composer Team Page Builder Plugin up to 1.5.42 on WordPress cross site scripting

CVE-2024-4557 | GitLab Community Edition/Enterprise Edition up to 16.11.4/17.0.2/17.1.0 Banzai Pipeline resource consumption (Issue 460517)