CVE-2024-42737 | TOTOLINK X5000r 9.1.0cu.2350_b20230313 /cgi-bin/cstecgi.cgi delBlacklist os command injection

Posted by Angelo Barbosa | Aug 13, 2024 | CVE

A vulnerability classified as critical has been found in TOTOLINK X5000r 9.1.0cu.2350_b20230313. Affected is the function delBlacklist of the file /cgi-bin/cstecgi.cgi. The manipulation leads to os command injection.

This vulnerability is traded as CVE-2024-42737. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-42737 | TOTOLINK X5000r 9.1.0cu.2350_b20230313 /cgi-bin/cstecgi.cgi delBlacklist os command injection

Related Posts

CVE-2023-34030 | Really Simple Plugins Complianz Plugin/Complianz Premium Plugin on WordPress cross-site request forgery

CVE-2024-40831 | Apple macOS up to 14.7 Photo Library permission

CVE-2024-41623 | D3D IP Camera D8801 9.1.17.1.4-20180428 Payload Local Privilege Escalation

CVE-2023-41169 | NetScout nGeniusONE 6.3.4 cross site scripting