CVE-2023-46421

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 25, 2023

Updated: Nov 1, 2023

CWE ID 77

Summary

CVE-2023-46421 is a remote command execution (RCE) vulnerability affecting TOTOLINK X6000R v9.4.0cu.652_B20230116. Hackers can exploit this vulnerability by targeting the sub_411D00 function, allowing them to execute arbitrary commands on the affected device. This issue poses a serious security risk, as an attacker could potentially gain full control of the router and cause significant damage or steal sensitive information. Users are advised to update their firmware as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Totolink X6000R Firmware

Affected Vendors

TOTOLINK

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tGpFtw
https://www.cve.org/CVERecord?id=CVE-2023-46421
https://nvd.nist.gov/vuln/detail/CVE-2023-46421

Back to Vulnerability Database