CVE-2024-34205 | Totolink CP450 4.1.0cu.747_B20191224 download_firmware command injection

Posted by Angelo Barbosa | May 9, 2024 | CVE

A vulnerability, which was classified as critical, was found in Totolink CP450 4.1.0cu.747_B20191224. This affects the function download_firmware. The manipulation leads to command injection.

This vulnerability is uniquely identified as CVE-2024-34205. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-34205 | Totolink CP450 4.1.0cu.747_B20191224 download_firmware command injection

Related Posts

CVE-2024-5081 | WP-FeedStats wp-eMember Plugin up to 10.6.x on WordPress cross site scripting

CVE-2024-22267 | VMware Workstation/Fusion vbluetooth Device use after free

CVE-2024-28759 | Wind River VxWorks up to 23.09 Packet buffer overflow

CVE-2023-39932 | Intel SUR for Gameplay Software prior 2.0.1901 uncontrolled search path (intel-sa-01004)