Vulnerability Details CVE-2024-42743
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg . Authenticated Attackers can send malicious packet to execute arbitrary commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.128
EPSS Ranking 93.7%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2024-42743
-
cpe:2.3:h:totolink:x5000r:-
-
cpe:2.3:o:totolink:x5000r_firmware:9.1.0u.6369_b20230113