CVE-2024-41320 | TOTOLINK A6000R 1.0.1-B20201211.2000 get_apcli_conn_info ifname command injection

Posted by Angelo Barbosa | Jul 22, 2024 | CVE

A vulnerability has been found in TOTOLINK A6000R 1.0.1-B20201211.2000 and classified as critical. Affected by this vulnerability is the function get_apcli_conn_info. The manipulation of the argument ifname leads to command injection.

This vulnerability is known as CVE-2024-41320. The attack needs to be initiated within the local network. There is no exploit available.

CVE-2024-41320 | TOTOLINK A6000R 1.0.1-B20201211.2000 get_apcli_conn_info ifname command injection

Related Posts

CVE-2024-2077 | SourceCodester Simple Online Bidding System 1.0 index.php category_id sql injection

CVE-2024-25980 | Moodle prior 4.3.3/4.1.9 H5P Attempts Report access control

CVE-2024-20419 | Cisco Smart Software Manager On-Prem 8-202206 HTTP Request unverified password change (cisco-sa-cssm-auth-sLw3uhUy)

CVE-2023-48803 | Totolink X6000R 9.4.0cu.852_B20230719 shttpd sub_4119A0 Privilege Escalation