CVE-2023-4411
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Aug 18, 2023
Updated: May 17, 2024
CWE ID 78
Summary
CVE-2023-4411 is a critical vulnerability discovered in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023. The issue lies in the function setTracerouteCfg, which is susceptible to os command injection. Attackers can exploit this remotely, making it a significant security risk. The vulnerability, identified as VDB-237514, has been disclosed publicly, and the exploit is already known. Despite early notification, the vendor has not responded to the disclosure.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- TOTOLINK