TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection via the setWanCfg function.
References
Link | Resource |
---|---|
http://totolink.com | Product |
https://github.com/JeeseenSec/Report/tree/main/TOTOLINK%2CThanks | |
https://github.com/JeeseenSec/Report/tree/main/TOTOLINK/CVE-2023-31569 | Exploit Third Party Advisory |
https://www.totolink.net/home/menu/newstpl/menu_newstpl/products/id/218.html | Product |
Configurations
Configuration 1 (hide)
AND |
|
History
07 Nov 2023, 04:14
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
12 Jun 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/JeeseenSec/Report/tree/main/TOTOLINK/CVE-2023-31569 - Exploit, Third Party Advisory | |
References | (MISC) http://totolink.com - Product | |
References | (MISC) https://github.com/JeeseenSec/Report/tree/main/TOTOLINK,Thanks - Broken Link | |
References | (MISC) https://www.totolink.net/home/menu/newstpl/menu_newstpl/products/id/218.html - Product | |
First Time |
Totolink
Totolink x5000r Firmware Totolink x5000r |
|
CWE | CWE-77 | |
CPE | cpe:2.3:o:totolink:x5000r_firmware:9.1.0cu.2350_b20230313:*:*:*:*:*:*:* cpe:2.3:h:totolink:x5000r:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
06 Jun 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-06 14:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-31569
Mitre link : CVE-2023-31569
CVE.ORG link : CVE-2023-31569
JSON object : View
Products Affected
totolink
- x5000r
- x5000r_firmware
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')