VYPR
Unrated severityNVD Advisory· Published May 16, 2023· Updated Jan 23, 2025

CVE-2023-31856

CVE-2023-31856

Description

A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHostof TOTOLINK CP300+ V5.2cu.7594_B20200910 allows attackers to execute arbitrary commands via a crafted http packet.

Affected products

2
  • TOTOLINK/CP300+description
  • Totolink/CP300llm-fuzzy
    Range: = V5.2cu.7594_B20200910

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.