Command Execution Vulnerability in TOTOLINK X6000R
CVE-2023-48803
9.8CRITICAL
What is CVE-2023-48803?
The TOTOLINK X6000R router is vulnerable due to a command execution flaw in the shttpd file, specifically within the sub_4119A0 function. This function improperly processes input from the front-end, allowing the Uci_Set_Str function to pass unvalidated fields to the CsteSystem function. This can lead to unauthorized command execution, posing significant security risks to users if exploited.