CVE-2024-42743

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 12, 2024

Updated: Aug 13, 2024

CWE ID 78

Summary

CVE-2024-42743 is a newly disclosed vulnerability affecting the TOTOLINK X5000r v9.1.0cu.2350_b20230313 router. The issue lies in the /cgi-bin/cstecgi.cgi file, where the setSyslogCfg function contains a vulnerability that allows authenticated attackers to inject and execute arbitrary OS commands. This vulnerability could potentially be exploited to gain unauthorized access and control over the affected device. It is essential for users to install the latest security patches to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xheSy5
https://www.cve.org/CVERecord?id=CVE-2024-42743
https://nvd.nist.gov/vuln/detail/CVE-2024-42743

Back to Vulnerability Database

CVE-2024-42743

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations