TOTOLINK EX1200L setTracerouteCfg os command injection
CVE-2023-4411
9.8CRITICAL
What is CVE-2023-4411?
A serious OS command injection vulnerability has been identified in the TOTOLINK EX1200L device, specifically affecting the setTracerouteCfg function. This flaw allows unauthorized users to execute arbitrary commands on the device remotely. The vulnerability has been publicly disclosed, and exploitation is feasible due to a lack of response from the vendor upon notification. Users are urged to secure their devices to prevent potential exploitation.
Affected Version(s)
EX1200L EN_V9.3.5u.6146_B20201023