CVE-2024-42738 | TOTOLINK X5000r 9.1.0cu.2350_b20230313 /cgi-bin/cstecgi.cgi setDmzCfg os command injection

Posted by Angelo Barbosa | Aug 13, 2024 | CVE

A vulnerability classified as critical was found in TOTOLINK X5000r 9.1.0cu.2350_b20230313. Affected by this vulnerability is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to os command injection.

This vulnerability is known as CVE-2024-42738. The attack can be launched remotely. There is no exploit available.

CVE-2024-42738 | TOTOLINK X5000r 9.1.0cu.2350_b20230313 /cgi-bin/cstecgi.cgi setDmzCfg os command injection

Related Posts

CVE-2024-5675 | Summar Software Mentor Employee Portal 3.83.35 ViewState deserialization

CVE-2024-44570 | Relyum RELY-PCIe up to 23.1.0 phpinf.php getParams code injection

CVE-2024-37500 | Beaver Builder Plugin up to 2.8.2.2 on WordPress cross site scripting

CVE-2024-22876 | StrangeBee TheHive up to 5.1.9/5.2.8 Cache Attachment cross site scripting (SB-SEC-ADV-2023-002)