Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
| AND |
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 14 Aug 2024 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-94 | |
| Metrics |
ssvc
|
Tue, 13 Aug 2024 18:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Totolink
Totolink x5000r Totolink x5000r Firmware |
|
| Weaknesses | CWE-78 | |
| CPEs | cpe:2.3:h:totolink:x5000r:-:*:*:*:*:*:*:* cpe:2.3:o:totolink:x5000r_firmware:9.1.0u.6369_b20230113:*:*:*:*:*:*:* |
|
| Vendors & Products |
Totolink
Totolink x5000r Totolink x5000r Firmware |
|
| Metrics |
cvssV3_1
|
Tue, 13 Aug 2024 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-14T14:45:59.649Z
Reserved: 2024-08-05T00:00:00.000Z
Link: CVE-2024-42739
Vulnrichment
Updated: 2024-08-14T14:45:46.888Z
NVD
Status : Modified
Published: 2024-08-13T14:15:13.940
Modified: 2024-08-14T15:35:13.153
Link: CVE-2024-42739
Redhat
No data.
OpenCVE Enrichment
No data.