zxsssd/TotoLink-

Releases0

Stars1

cstecgi.cgi的setTracerouteCfg接口存在未授权任意命令执行

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-48192 ↗	Nov 20, 2023Monday, 20 November 2023, 22:15	7.8 HIGH	—
An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function.