CVE-2024-42736 | TOTOLINK X5000r 9.1.0cu.2350_b20230313 /cgi-bin/cstecgi.cgi addBlacklist os command injection

Posted by Angelo Barbosa | Aug 13, 2024 | CVE

A vulnerability was found in TOTOLINK X5000r 9.1.0cu.2350_b20230313. It has been rated as critical. This issue affects the function addBlacklist of the file /cgi-bin/cstecgi.cgi. The manipulation leads to os command injection.

The identification of this vulnerability is CVE-2024-42736. The attack may be initiated remotely. There is no exploit available.

CVE-2024-42736 | TOTOLINK X5000r 9.1.0cu.2350_b20230313 /cgi-bin/cstecgi.cgi addBlacklist os command injection

Related Posts

CVE-2023-51618 | D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity stack-based overflow

CVE-2024-24690 | Zoom Desktop Client input validation

CVE-2024-6019 | Music Request Manager Plugin up to 1.3 on WordPress cross site scripting

CVE-2024-39323 | aimeos ai-admin-graphql up to 2022.10.9/2023.10.5/2024.04.5 insufficient granularity of access control (GHSA-vc7j-99jw-jrqm)