CVE-2023-4410

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 18, 2023

Updated: May 17, 2024

CWE ID 269

Summary

CVE-2023-4410 is a critical vulnerability impacting TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023. This issue affects the setDiagnosisCfg function, allowing an attacker to execute os commands through manipulation. The exploitation can be done remotely, making it a significant security risk. The vulnerability has been publicly disclosed, increasing the potential for exploitation, and has been assigned identifier VDB-237513. Regrettably, the vendor was contacted about this disclosure but failed to respond.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

HarmonyOS
Huawei EMUI

Affected Vendors

Huawei Technologies

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sybmBG
https://www.cve.org/CVERecord?id=CVE-2023-4410
https://nvd.nist.gov/vuln/detail/CVE-2023-4410

Back to Vulnerability Database