cve/CVE-2024-42738.md at a8969e132322a214e7b78da5711159d6f891f0ab

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-06-19 17:30:12 +00:00

0xMarcio a8969e1323 Update CVE sources 2024-08-14 18:26

2024-08-14 18:26:11 +00:00

Description

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

POC

Reference

https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setDmzCfg/setDmzCfg.md

Github

No PoCs found on GitHub currently.

723 B Raw Blame History

CVE-2024-42738

Description

POC

Reference

Github

723 B

Raw Blame History