exploitDog

CVE-2023-46424

Опубликовано: 25 окт. 2023

Источник: nvd

CVSS3: 9.8

CVSS3: 8.8

EPSS Низкий

Описание

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_422BD4 function.

Ссылки

https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X6000R/3/1.md
Exploit
Third Party Advisory
https://www.totolink.cn/index.php/home/menu/detail.html?menu_listtpl=download&id=88&ids=36
Product
https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X6000R/3/1.md
Exploit
Third Party Advisory
https://www.totolink.cn/index.php/home/menu/detail.html?menu_listtpl=download&id=88&ids=36
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:totolink:x6000r_firmware:9.4.0cu.652_b20230116:*:*:*:*:*:*:*

cpe:2.3:h:totolink:x6000r:-:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05045

Низкий

9.8 Critical

CVSS3

8.8 High

CVSS3

Дефекты

CWE-77

CWE-77

Связанные уязвимости

GHSA-hf46-6xmq-c82c

CVSS3: 9.8

github

больше 2 лет назад

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_422BD4 function.

EPSS

Процентиль: 90%

0.05045

Низкий

9.8 Critical

CVSS3

8.8 High

CVSS3

Дефекты

CWE-77

CWE-77