CVE-2024-32355 | Totolink X5000R 9.1.0cu.2350_B20230313 setSSServer password command injection

Posted by Angelo Barbosa | May 14, 2024 | CVE

A vulnerability was found in Totolink X5000R 9.1.0cu.2350_B20230313. It has been rated as critical. Affected by this issue is the function setSSServer. The manipulation of the argument password leads to command injection.

This vulnerability is handled as CVE-2024-32355. Access to the local network is required for this attack. There is no exploit available.

CVE-2024-32355 | Totolink X5000R 9.1.0cu.2350_B20230313 setSSServer password command injection

Related Posts

CVE-2023-40083 | Google Android 12/12L/13/14 utils.cc parse_gap_data information disclosure

CVE-2024-51529 | Huawei HarmonyOS up to 4.2.0 Battery Module denial of service

CVE-2023-48312 | capsule-proxy up to 0.4.5 TokenReview improper authentication

CVE-2024-21778 | LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623 Realtek rtl819x Jungle SDK mib_init_value_array heap-based overflow (TALOS-2024-1911)