Command Injection Vulnerability in TOTOLINK A6000R V1.0.1-B20201211.2000
CVE-2024-41318

Currently unrated

Key Information:

Vendor: TOTOLINK
Status: A6000r Firmware
Vendor: CVE Published:; 22 July 2024

Summary

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.

References

https://github.com/yanggao017/vuln/blob/main/TOTOLINK/A60...

https://gist.github.com/yanggao017/dc88fb2e29291503addf1e...

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 22, 2024