Command Injection Vulnerability in TOTOLINK CA300-PoE by TOTOLINK
CVE-2023-24141
9.8CRITICAL
What is CVE-2023-24141?
A command injection vulnerability exists in the TOTOLINK CA300-PoE through the NetDiagPingTimeOut parameter within the setNetworkDiag function. This flaw allows an attacker to execute arbitrary commands on the device, potentially compromising its integrity and security. Users of affected versions should take immediate measures to safeguard their devices and apply necessary updates.