Vulnerability CVE-2023-48859


Published: 2023-12-06   Modified: 2023-12-14

Description:
TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows attackers to bypass front-end security restrictions and execute arbitrary code.

Type:

CWE-863

(Incorrect Authorization)

 References:
https://github.com/xieqiang11/security_research/blob/main/TOTOLINK-A3002RU-RCE.md

Copyright 2026, cxsecurity.com

 

Back to Top