VYPR
Unrated severityNVD Advisory· Published May 28, 2024· Updated Feb 13, 2025

CVE-2024-35401

CVE-2024-35401

Description

TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function.

Affected products

2
  • TOTOLINK/CP900Ldescription
  • Totolink/CP900Lllm-create
    Range: = v4.1.5cu.798_B20221228

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.