CVE-2024-41315 | TOTOLINK A6000R 1.0.1-B20201211.2000 apcli_do_enr_pin_wps ifname command injection

Posted by Angelo Barbosa | Jul 22, 2024 | CVE

A vulnerability was found in TOTOLINK A6000R 1.0.1-B20201211.2000. It has been classified as critical. This affects the function apcli_do_enr_pin_wps. The manipulation of the argument ifname leads to command injection.

This vulnerability is uniquely identified as CVE-2024-41315. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-41315 | TOTOLINK A6000R 1.0.1-B20201211.2000 apcli_do_enr_pin_wps ifname command injection

Related Posts

CVE-2024-26469 | Tunis Product Designer Module prior 1.178.36 on PrestaShop postProcess url server-side request forgery

CVE-2023-43754 | Mattermost up to 7.8.12/8.1.3/9.0.1/9.1.0 Permalink information disclosure

CVE-2024-45798 | Espressif arduino-esp32 code injection

CVE-2023-40148 | Ping Identity PingFederate up to 11.0.8/11.1.8/11.2.7/11.3.2 HTTP POST Request server-side request forgery