CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-32352

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecL2tpEnable" parameter in the "cstecgi.cgi" binary.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.046

EPSS Ranking 88.8%

CVSS Severity

CVSS v3 Score 8.8

References

https://github.com/1s1and123/Vulnerabilities/blob/main/device/ToToLink/X5000R/TOTOLink_X5000R_RCE.md
https://www.totolink.net/
https://github.com/1s1and123/Vulnerabilities/blob/main/device/ToToLink/X5000R/TOTOLink_X5000R_RCE.md
https://www.totolink.net/

Products affected by CVE-2024-32352

Totolink » X5000r » Version: N/A

cpe:2.3:h:totolink:x5000r:-
Totolink » X5000r Firmware » Version: 9.1.0cu.2350_b20230313

cpe:2.3:o:totolink:x5000r_firmware:9.1.0cu.2350_b20230313

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-32352

Products

Pricing

Contact Us