CVE-2023-52026

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TOTOlink EX1800T version 9.1.0cu.2112 B20220316

Description A remote command execution vulnerability was discovered in the setTelnetCfg interface via the telnet enabled parameter. This issue allows for remote command execution.

Recommendations For version 9.1.0cu.2112 B20220316, consider disabling the telnet enabled parameter in the setTelnetCfg interface as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2023-52026

Affected Products

Totolink Ex1800T

CVE-2023-52026

Weakness Enumeration

Related Identifiers

Affected Products

References · 7