A vulnerability, which was classified as critical, has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected by this issue is the function setUssd of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ussd leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249860. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2024-01-08T03:00:05.196Z
Updated: 2024-08-01T18:04:49.480Z
Reserved: 2024-01-07T08:58:41.176Z
Link: CVE-2024-0294
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-08T03:15:14.050
Modified: 2024-11-21T08:46:15.223
Link: CVE-2024-0294
Redhat
No data.