CVE-2024-24331 | Totolink A3300R 17.0.0cu.557_B20221024 setWiFiScheduleCfg enable command injection

Posted by Angelo Barbosa | Jan 30, 2024 | CVE

A vulnerability was found in Totolink A3300R 17.0.0cu.557_B20221024. It has been declared as critical. Affected by this vulnerability is the function setWiFiScheduleCfg. The manipulation of the argument enable leads to command injection.

This vulnerability is known as CVE-2024-24331. The attack needs to be initiated within the local network. There is no exploit available.

CVE-2024-24331 | Totolink A3300R 17.0.0cu.557_B20221024 setWiFiScheduleCfg enable command injection

Related Posts

CVE-2024-30002 | Microsoft unknown vulnerability

CVE-2023-48225 | labring laf up to 1.0.0-beta12 envFrom information disclosure

CVE-2021-47444 | Linux Kernel up to 5.10.74/5.14.13 on DP edid connector_bad_edid allocation of resources (a7b45024f66f/09f3946bb452/97794170b696)

CVE-2024-10460 | Mozilla Firefox up to 131 iFrame ui layer