CVE-2024-32355
Severity CVSS v4.0:
Pending analysis
Type:
CWE-77
Command Injection
Publication date:
14/05/2024
Last modified:
04/04/2025
Description
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'password' parameter in the setSSServer function.
Impact
Base Score 3.x
8.00
Severity 3.x
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:totolink:x5000r_firmware:9.1.0cu.2350_b20230313:*:*:*:*:*:*:* | ||
cpe:2.3:h:totolink:x5000r:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page