CVE-2023-48804

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published: Nov 30, 2023
Updated: Dec 7, 2023
CWE ID: 78

Summary

CVE-2023-48804 is a critical command execution vulnerability (CWE-78, OS command injection) affecting TOTOLINK X6000R V9.4.0cu.852_B20230719. In the sub_4119A0 function of the shttpd file, certain fields obtained from the front-end are passed through the Uci_Set_Str function to the CsteSystem function, which allows command execution. The base score is 9.8, with the CVSS vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H: the flaw is exploitable over the network, requires no privileges and no user interaction, and has a high impact on confidentiality, integrity, and availability. To remediate, organizations using the affected product should update to a patched version as soon as one becomes available.
