CVE-2024-42739

Published
View on NVD ↗
CVSS v3
8.8
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

HouseFuzz/reports
HouseFuzz/reports
CVE reports
GitHubGitHub
3