Vulnerabilities > CVE-2023-51015 - Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

totolink

critical

NVD

Published: 2023-12-22

Updated: 2023-12-27

Summary

TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface of the cstecgi .cgi

Vulnerable Configurations

Part	Description	Count
OS	Totolink Totolink Ex1800T Firmware 9.1.0Cu.2112_B20220316	1
Hardware	Totolink Totolink Ex1800T -	1

References

https://815yang.github.io/2023/12/11/EX1800T/TOTOlinkEX1800T_V9.1.0cu.2112_B2022031setDmzCfg/