Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-24152

Disclosure Date: February 03, 2023 (last updated February 24, 2025)
A command injection vulnerability in the serverIp parameter in the function meshSlaveUpdate of TOTOLINK T8 V4.1.5cu allows attackers to execute arbitrary commands via a crafted MQTT packet.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0