CVE-2024-24327 | Totolink A3300R 17.0.0cu.557_B20221024 setIpv6Cfg pppoePass command injection

Posted by Angelo Barbosa | Jan 30, 2024 | CVE

A vulnerability has been found in Totolink A3300R 17.0.0cu.557_B20221024 and classified as critical. This vulnerability affects the function setIpv6Cfg. The manipulation of the argument pppoePass leads to command injection.

This vulnerability was named CVE-2024-24327. The attack can only be done within the local network. There is no exploit available.

CVE-2024-24327 | Totolink A3300R 17.0.0cu.557_B20221024 setIpv6Cfg pppoePass command injection

Related Posts

CVE-2023-48766 | SVGator Plugin up to 1.2.4 on WordPress cross-site request forgery

CVE-2024-5635 | itsourcecode Bakery Online Ordering System 1.0 index.php txtsearch sql injection

CVE-2024-6725 | Formidable Forms Plugin up to 6.11.1 on WordPress cross site scripting

CVE-2023-6458 | Mattermost up to 7.8.13/8.1.4/9.0.2/9.1.1 Route in//channels/ allowing injection