1 results (0.003 seconds)
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 2
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 2CVE-2024-1781 – Totolink X6000R AX3000 shttpd cstecgi.cgi setWizardCfg command injection
https://notcve.org/view.php?id=CVE-2024-1781
23 Feb 2024 — A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.852_20230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public and may be used. • https://github.com/Icycu123/CVE-2024-1781 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •