CVE-2023-4746
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2023-4746 is a newly disclosed critical vulnerability that impacts the TOTOLINK N200RE V5 with firmware version 9.3.5u.6437_B20230519. The issue lies within the Validity_check function, resulting in a format string vulnerability. An attacker can remotely manipulate this vulnerability, leading to OS command injection by bypassing the validation checks. The root cause is a format string issue, and the impact includes potential unauthorized system control. The vulnerability identifier is VDB-238635, and public exploits for this vulnerability have already been disclosed.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Knovos
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions