| |
Vulnerability CVE-2024-42748
Published: 2024-08-12
| Description: |
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWiFiWpsCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands. |
References: |
https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setWiFiWpsCfg/setWiFiWpsCfg.md
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
