CVE-2023-51027

Name of the Vulnerable Software and Affected Versions TOTOlink EX1800T version 9.1.0cu.2112 B20220316

Description The issue concerns unauthorized arbitrary command execution. It is related to the apcliAuthMode parameter in the "setWiFiExtenderConfig" interface of the "cstecgi .cgi".

Recommendations For TOTOlink EX1800T version 9.1.0cu.2112 B20220316, consider restricting access to the setWiFiExtenderConfig interface of the cstecgi .cgi to minimize the risk of exploitation. Avoid using the apcliAuthMode parameter in the affected interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.