Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2024-52723

Disclosure Date: November 22, 2024 (last updated December 18, 2024)
In TOTOLINK X6000R V9.4.0cu.1041_B20240224 in the shttpd file, the Uci_Set Str function is used without strict parameter filtering. An attacker can achieve arbitrary command execution by constructing the payload.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0