| Titel | TOTOlink X18 V9.1.0cu.2024_B20220329 Command Injection |
|---|
| Beschreibung | In the setL2tpdConfig function in the firmware of X18 , there are arbitrary system command vulnerabilities and RCE vulnerabilities, which can be executed by arbitrary system commands to obtain server permissions, bounce shells, etc. |
|---|
| Quelle | ⚠️ https://github.com/stevenchen0x01/CVE2/blob/main/cve1.md |
|---|
| Benutzer | Steven_Dra3w (UID 76559) |
|---|
| Einreichung | 05.02.2025 12:59 (vor 1 Jahr) |
|---|
| Moderieren | 15.02.2025 15:51 (10 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 295955 [TOTOLINK X18 9.1.0cu.2024_B20220329 /cgi-bin/cstecgi.cgi setL2tpdConfig enable erweiterte Rechte] |
|---|
| Punkte | 16 |
|---|