A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been declared as critical. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249865 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2024-01-08T05:31:03.711Z
Updated: 2024-08-01T18:04:48.551Z
Reserved: 2024-01-07T09:15:34.795Z
Link: CVE-2024-0299
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-08T06:15:44.593
Modified: 2024-05-17T02:34:30.130
Link: CVE-2024-0299
Redhat
No data.