CVE-2024-7464

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 5, 2024
Updated: Aug 15, 2024
CWE ID 77

Summary

CVE-2024-7464 is a critical vulnerability affecting the Telnet Service component in TOTOLINK CP900 6.3c.566. This issue enables attackers to inject commands by manipulating the argument "telnet_enabled" used in the function setTelnetCfg. The exploit can be initiated remotely, and the vulnerability identification number VDB-273557 has been assigned to it. The vulnerability was disclosed to the public, and the exploit is currently in circulation, making this a significant threat. Despite early notification, the vendor has not responded to the disclosure.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share