Remote Code Execution Vulnerability in TOTOLINK Networking Products
CVE-2024-51228

Currently unrated

Key Information:

Vendor
TOTOLINK
Vendor
CVE Published:
27 November 2024

Summary

An issue in certain TOTOLINK networking products enables remote attackers to execute arbitrary code through the /boafrm/formSysCmd component. This vulnerability affects multiple versions of the CX series routers and can lead to serious security breaches if exploited, allowing unauthorized access and control over the affected devices.

References

EPSS Score

67% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

.