In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the...
Critical severity
Unreviewed
Published
Dec 2, 2023
to the GitHub Advisory Database
•
Updated Dec 15, 2023
Description
Published by the National Vulnerability Database
Dec 1, 2023
Published to the GitHub Advisory Database
Dec 2, 2023
Last updated
Dec 15, 2023
In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_415534 function obtains fields from the front-end, connects them through the snprintf function, and passes them to the CsteSystem function, resulting in a command execution vulnerability.
References