CVE-2024-57214

CWE-77Command Injection3 documents3 sources
Severity
6.3MEDIUM
EPSS
1.2%
top 21.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Totolink A6000r Firmware
Timeline
PublishedJan 10

Description

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.4

Affected Packages1 packages

NVDtotolink/a6000r_firmware1.0.1-b20201211.2000

🔴Vulnerability Details

2
CVEList
CVE-2024-57214: TOTOLINK A6000R V12025-01-10
GHSA
GHSA-r79f-v7w7-jv39: TOTOLINK A6000R V12025-01-10
CVE-2024-57214 (MEDIUM CVSS 6.3) | TOTOLINK A6000R V1.0.1-B20201211.20 | cvebase.io