CVSS 3.1 Score 9.8 of 10 (high)


Published Nov 30, 2023
Updated: Dec 7, 2023


The vulnerability with the CVE ID CVE-2023-48807 affects the TOTOLINK X6000R V9.4.0cu.852_B20230719 product. It is a command execution vulnerability caused by the sub_4119A0 function in the shttpd file, which obtains fields from the front-end and passes them to the CsteSystem function using the Uci_Set_Str function. The vulnerability has a CVSS base score of 9.8, indicating a critical severity level, with high impacts on integrity and confidentiality. The exploitability score is 3.9, and it requires no privileges or user interaction to be exploited over a network. Remediation steps are not provided in the available information.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-48807 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options