First published: Fri Jan 26 2024(Updated: )
A vulnerability was found in Totolink N350RT 9.3.5u.6255. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation leads to session expiration. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252187. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Totolink N350RT Firmware | =9.3.5u.6255 | |
Totolink N350RT Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-0943 has been declared problematic, indicating a significant security concern.
To mitigate CVE-2024-0943, update the Totolink N350RT firmware to version 9.3.5u.6255 or later.
CVE-2024-0943 affects the functionality of the file /cgi-bin/cstecgi.cgi in Totolink N350RT firmware version 9.3.5u.6255.
Yes, CVE-2024-0943 can be exploited remotely, leading to session expiration.
The impact of CVE-2024-0943 includes potential unauthorized session termination.