CVE-2024-32355 | Totolink X5000R 9.1.0cu.2350_B20230313 setSSServer password command injection

Posted by Angelo Barbosa | May 14, 2024 | CVE

A vulnerability was found in Totolink X5000R 9.1.0cu.2350_B20230313. It has been rated as critical. Affected by this issue is the function setSSServer. The manipulation of the argument password leads to command injection.

This vulnerability is handled as CVE-2024-32355. Access to the local network is required for this attack. There is no exploit available.

CVE-2024-32355 | Totolink X5000R 9.1.0cu.2350_B20230313 setSSServer password command injection

Related Posts

CVE-2024-29187 | WiX Toolset up to 3.14.0/4.0.4 on Windows Installer C:WindowsTemp permission assignment

CVE-2024-0949 | Talya Informatics Elektraweb up to 17.0.67 access control

CVE-2024-42302 | Linux Kernel up to 6.1.102/6.6.43/6.10.2 dpc_handler use after free

CVE-2023-49783 | SilverStripe Admin up to 1.13.18/2.1.7 getCheckPermissions authorization