Command Injection Vulnerability in TOTOLINK A6000R Router
CVE-2024-57213
Currently unrated
What is CVE-2024-57213?
The TOTOLINK A6000R router is vulnerable to a command injection flaw that arises from improper handling of the newpasswd parameter within the action_passwd function. This vulnerability enables attackers to execute arbitrary commands on the device, potentially leading to a full compromise of the router's functionality and security. To mitigate this risk, users are advised to update to the latest firmware version and implement secure password practices.