CVE-2024-24330
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-24330 is a newly identified command injection vulnerability in the TOTOLINK A3300R V17.0.0cu.557_B20221024 firmware. The flaw is in the setRemoteCfg function, where an attacker can inject commands by manipulating the port or enable parameter. This could allow an unauthorized user to execute arbitrary commands and gain control of the affected device. Users are encouraged to update to the latest firmware version that addresses this issue and to implement network security measures to mitigate potential threats.
Affected Vendors
- TOTOLINK