CVE-2024-52723

Published: Nov 22, 2024

Modified: Mar 13, 2025

PUBLISHED

Description

In TOTOLINK X6000R V9.4.0cu.1041_B20240224 in the shttpd file, the Uci_Set Str function is used without strict parameter filtering. An attacker can achieve arbitrary command execution by constructing the payload.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://x6000r.com

https://gist.github.com/M4rg4tr01d/e84f8ed8dc27960d7c56ad289f6fb0ff

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-52723

Description

Affected Products

References