TOTOLINK EX1200L setWanCfg os command injection
CVE-2023-4412
9.8CRITICAL
What is CVE-2023-4412?
A security vulnerability has been identified in TOTOLINK EX1200L routers that allows for OS command injection via the setWanCfg function. This vulnerability can be exploited remotely, potentially allowing attackers to execute arbitrary commands on the affected device. The weakness was publicly disclosed, and the vendor has been made aware of it but did not provide a response. Users are encouraged to evaluate their risk and implement mitigation strategies to safeguard their networks from potential exploits.
Affected Version(s)
EX1200L EN_V9.3.5u.6146_B20201023