CVE-2023-51011

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 22, 2023
Updated: Dec 27, 2023

Summary

CVE-2023-51011: A critical vulnerability has been identified in the TOTOlink EX1800T v9.1.0cu.2112_B20220316. This issue allows unauthorized arbitrary command execution through the lanPriDns parameter of the setLanConfig interface in the cstecgi .cgi file. An attacker can exploit this vulnerability to gain control over the affected device, potentially leading to significant security risks. It is recommended that users immediately update their systems to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share