Skeet

Name of the Vulnerable Software and Affected Versions Totolink A8000R version 5.9c.681 B20180413 Description A flaw exists in the `setLanguageCfg` function within the `/cgi-bin/cstecgi.cgi` file of Totolink A8000R version 5.9c.681 B20180413. Manipulation of the `langType` argument bypasses authentication, allowing for remote attacks. The exploit is publicly available. Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `/cgi-bin/cstecgi.cgi` file.