Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
| AND |
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 14 Aug 2024 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:o:totolink:x5000r_firmware:9.1.0cu.2350_b20230313:*:*:*:*:*:*:* | |
| Metrics |
ssvc
|
Tue, 13 Aug 2024 18:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Totolink
Totolink x5000r Totolink x5000r Firmware |
|
| Weaknesses | CWE-78 | |
| CPEs | cpe:2.3:h:totolink:x5000r:-:*:*:*:*:*:*:* cpe:2.3:o:totolink:x5000r_firmware:9.1.0u.6369_b20230113:*:*:*:*:*:*:* |
|
| Vendors & Products |
Totolink
Totolink x5000r Totolink x5000r Firmware |
|
| Metrics |
cvssV3_1
|
Tue, 13 Aug 2024 14:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-14T15:00:53.166Z
Reserved: 2024-08-05T00:00:00.000Z
Link: CVE-2024-42738
Vulnrichment
Updated: 2024-08-14T15:00:21.943Z
NVD
Status : Modified
Published: 2024-08-13T14:15:13.710
Modified: 2024-08-14T16:35:16.850
Link: CVE-2024-42738
Redhat
No data.
OpenCVE Enrichment
No data.