Command Injection Vulnerability in TOTOLINK A6000R Router
CVE-2024-57212
Currently unrated
Summary
The TOTOLINK A6000R Router firmware version V1.0.1-B20201211.2000 is susceptible to a command injection vulnerability through the opmode parameter in the action_reboot function. Exploiting this flaw may allow an attacker to execute arbitrary commands on the device, potentially leading to unauthorized access and control over the router. Users are advised to review their firmware versions and take appropriate actions to mitigate this risk.
References
Timeline
Vulnerability published