CVE-2024-24332 | Totolink A3300R 17.0.0cu.557_B20221024 setUrlFilterRules url command injection

Posted by Angelo Barbosa | Jan 30, 2024 | CVE

A vulnerability was found in Totolink A3300R 17.0.0cu.557_B20221024. It has been rated as critical. Affected by this issue is the function setUrlFilterRules. The manipulation of the argument url leads to command injection.

This vulnerability is handled as CVE-2024-24332. Access to the local network is required for this attack. There is no exploit available.

CVE-2024-24332 | Totolink A3300R 17.0.0cu.557_B20221024 setUrlFilterRules url command injection

Related Posts

CVE-2023-43487 | Intel CST prior 2.1.10300 access control (intel-sa-01021)

CVE-2024-41819 | enchant97 note-mark up to 0.13.0 URL cross site scripting (GHSA-rm48-9mqf-8jc3)

CVE-2024-34765 | Sensei Pro WC Paid Courses Plugin up to 4.23.1.1.23.1 on WordPress cross site scripting

CVE-2023-26206 | Fortinet FortiNAC up to 7.2.0/9.1.10/9.2.8/9.4.2 Policy Audit Log name cross site scripting (FG-IR-23-063)