CVE-2024-34205 | Totolink CP450 4.1.0cu.747_B20191224 download_firmware command injection

Posted by Angelo Barbosa | May 9, 2024 | CVE

A vulnerability, which was classified as critical, was found in Totolink CP450 4.1.0cu.747_B20191224. This affects the function download_firmware. The manipulation leads to command injection.

This vulnerability is uniquely identified as CVE-2024-34205. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-34205 | Totolink CP450 4.1.0cu.747_B20191224 download_firmware command injection

Related Posts

CVE-2024-3362 | SourceCodester Online Library System 1.0 controller.php IBSN sql injection

CVE-2024-26617 | Linux Kernel up to 6.7.2 MMU Notifications fs/proc/task_mmu race condition (05509adf2979/4cccb6221cae)

CVE-2024-9924 | Hgiga OAKlouds prior 1162 Incomplete Fix CVE-2024-26261 absolute path traversal

CVE-2024-1820 | code-projects Crime Reporting System 1.0 inchargelogin.php email/password sql injection