CVE-2024-23057 | Totolink A3300R 17.0.0cu.557_B20221024 setNtpCfg tz command injection

Posted by Angelo Barbosa | Jan 11, 2024 | CVE

A vulnerability was found in Totolink A3300R 17.0.0cu.557_B20221024. It has been rated as critical. Affected by this issue is the function setNtpCfg. The manipulation of the argument tz leads to command injection.

This vulnerability is handled as CVE-2024-23057. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-23057 | Totolink A3300R 17.0.0cu.557_B20221024 setNtpCfg tz command injection

Related Posts

CVE-2024-31274 | WPDeveloper EmbedPress Plugin up to 3.9.11 on WordPress authorization

CVE-2024-32780 | E4J VikRentCar Plugin up to 1.3.2 on WordPress information disclosure

CVE-2023-6203 | Events Calendar Plugin up to 6.2.8.0 on WordPress Password information disclosure

CVE-2024-6530 | GitLab up to 17.2.8/17.3.4/17.4.1 cross site scripting (Issue 471049)