CVE-2024-57017 | TOTOLINK X5000R 9.1.0cu.2350_B20230313 setVpnAccountCfg pass os command injection

Posted by Angelo Barbosa | Jan 15, 2025 | CVE

A vulnerability has been found in TOTOLINK X5000R 9.1.0cu.2350_B20230313 and classified as critical. This vulnerability affects the function setVpnAccountCfg. The manipulation of the argument pass leads to os command injection.

This vulnerability was named CVE-2024-57017. The attack can be initiated remotely. There is no exploit available.

CVE-2024-57017 | TOTOLINK X5000R 9.1.0cu.2350_B20230313 setVpnAccountCfg pass os command injection

Related Posts

CVE-2024-35361 | MTab Bookmark up to 1.9.5 /LinkStore/getIcon sql injection (Issue 37)

CVE-2023-48741 | QuantumCloud AI ChatBot Plugin up to 4.7.8 on WordPress sql injection

CVE-2024-1389 | iovamihai Paid Membership Subscriptions Plugin up to 2.11.1 on WordPress pms_stripe_connect_handle_authorization_return

CVE-2024-4074 | Kashipara Online Furniture Shopping Ecommerce Website 1.0 prodInfo.php prodId cross site scripting