| Título | TOTOlink X18 V9.1.0cu.2024_B20220329 Command Injection |
|---|
| Descripción | In the setL2tpdConfig function in the firmware of X18 , there are arbitrary system command vulnerabilities and RCE vulnerabilities, which can be executed by arbitrary system commands to obtain server permissions, bounce shells, etc. |
|---|
| Fuente | ⚠️ https://github.com/stevenchen0x01/CVE2/blob/main/cve1.md |
|---|
| Usuario | Steven_Dra3w (UID 76559) |
|---|
| Sumisión | 2025-02-05 12:59 (hace 1 Año) |
|---|
| Moderación | 2025-02-15 15:51 (10 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 295955 [TOTOLINK X18 9.1.0cu.2024_B20220329 /cgi-bin/cstecgi.cgi setL2tpdConfig enable escalada de privilegios] |
|---|
| Puntos | 16 |
|---|