CVE-2023-51024

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 22, 2023

Updated: Dec 27, 2023

Summary

CVE-2023-51024 is a newly disclosed vulnerability affecting the TOTOlink EX1800T v9.1.0cu.2112_B20220316. An attacker can exploit this issue by sending malicious inputs to the 'tz' parameter in the 'setNtpCfg' interface of the cstecgi .cgi. Successful exploitation grants the attacker unauthorized arbitrary command execution privileges, potentially leading to serious security implications. Users are strongly advised to apply the necessary patches or updates to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

TOTOLINK

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/t1yIkK
https://www.cve.org/CVERecord?id=CVE-2023-51024
https://nvd.nist.gov/vuln/detail/CVE-2023-51024

Back to Vulnerability Database

CVE-2023-51024

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations