VYPR
Unrated severityNVD Advisory· Published Nov 30, 2023· Updated Aug 2, 2024

CVE-2023-48806

CVE-2023-48806

Description

In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability.

Affected products

2
  • Totolink/X6000Rcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = V9.4.0cu.852_B20230719

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.