First published: Tue Jan 16 2024
A vulnerability classified as critical was found in Totolink X2000R 1.0.0-B20221212.1452. Affected by this vulnerability is the function formMapDelDevice of the file /boafrm/formMapDelDevice. The manipulation of the argument macstr leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250795. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | | |
Totolink X2000R Firmware | =1.0.0-b20221212.1452 | |
Totolink X2000R Firmware | | |
CVE-2024-0579 is classified as a critical vulnerability due to the potential for command injection.
To fix CVE-2024-0579, users should upgrade to a patched version of the Totolink X2000R firmware.
CVE-2024-0579 affects the Totolink X2000R with firmware version 1.0.0-B20221212.1452.
CVE-2024-0579 can be exploited remotely through command injection in the macstr argument of the formMapDelDevice function (/boafrm/formMapDelDevice).
The vendor affected by CVE-2024-0579 is Totolink, maker of the X2000R router.