Vulnerabilities > Totolink > X6000R Firmware > 9.4.0cu.1041.b20240224

DATE CVE VULNERABILITY TITLE RISK
2024-11-22 CVE-2024-52723 OS Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.1041B20240224
In TOTOLINK X6000R V9.4.0cu.1041_B20240224 in the shttpd file, the Uci_Set Str function is used without strict parameter filtering.
network
low complexity
totolink CWE-78
critical
9.8