CVE-2023-48810

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 30, 2023
Updated: Dec 7, 2023
CWE ID 78

Summary

CVE-2023-48810 is a critical vulnerability found in the TOTOLINK X6000R V9.4.0cu.852_B20230719 product. The vulnerability allows for command execution when certain fields are obtained from the front-end and passed to the CsteSystem function through the Uci_Set_The_Str function in the shttpd file's sub_4119A0 function. This vulnerability poses a high risk to organizations as it can be exploited remotely over a network without requiring any privileges or user interaction. The impact of this vulnerability is also high, potentially leading to compromise of confidentiality, integrity, and availability of the affected system. It is important for organizations using this product to remediate the vulnerability promptly to mitigate potential risks.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-48810 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options