CVE-2024-57017 | TOTOLINK X5000R 9.1.0cu.2350_B20230313 setVpnAccountCfg pass os command injection

Posted by Angelo Barbosa | Jan 15, 2025 | CVE

A vulnerability has been found in TOTOLINK X5000R 9.1.0cu.2350_B20230313 and classified as critical. This vulnerability affects the function setVpnAccountCfg. The manipulation of the argument pass leads to os command injection.

This vulnerability was named CVE-2024-57017. The attack can be initiated remotely. There is no exploit available.

CVE-2024-57017 | TOTOLINK X5000R 9.1.0cu.2350_B20230313 setVpnAccountCfg pass os command injection

Related Posts

CVE-2024-9454 | PriPre Plugin up to 0.4.11 on WordPress SVG File Upload cross site scripting

CVE-2024-51456 | IBM Robotic Process Automation up to 21.0.7.19/23.0.19 rsa algorithm without oaep

CVE-2024-57765 | MSFM prior 2025.01.01 table/list s_name sql injection

CVE-2024-3383 | Palo Alto Networks PAN-OS up to 10.1.10/10.2.4/11.0.2 Cloud Identity Engine improper ownership management