CVE-2024-57011

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 15, 2025
Updated: Jan 16, 2025
CWE ID 78

Summary

CVE-2024-57011 is a newly identified vulnerability affecting the TOTOLINK X5000R V9.1.0cu.2350_B20230313 firmware. Hackers can exploit this OS command injection flaw via the "minute" parameters in the setScheduleCfg function. Successful exploitation could allow attackers to execute arbitrary system commands, potentially gaining unauthorized access or control over the affected device. This vulnerability poses a significant risk to users and requires an immediate update to the affected firmware to mitigate the threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share