TOTOLINK X2000R_V2 V2.0.0-B20230727.10434 has a command injection vulnerability in the sub_449040 (handle function of formUploadFile) of /bin/boa.
The vulnerability is located in the sub_449040 function, which is the formUploadFile handler in the web server process /bin/boa. This function does not properly filter user-supplied input data during file upload, which allows injection of arbitrary system commands. An attacker can craft an appropriate HTTP request and submit it to the device management interface without the need for authentication.
Successful exploitation of the vulnerability allows an attacker to remotely execute arbitrary commands with the privileges of the web server process, which in practice may result in complete takeover of the device, violation of confidentiality, integrity, and availability of the system.
Patches available from the manufacturer should be applied in accordance with the references. Until updates are applied, it is recommended to restrict access to the device management panel exclusively to trusted networks or IP addresses and to disable access to the administrative interface from the WAN side.
TOTOLINK X2000R_V2 with firmware version V2.0.0-B20230727.10434
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTotolink X2000r
HWTotolinkv2Totolink X2000r Firmware
OSTotolink2.0.0-b20230727.10434
Related vulnerabilities
Stack overflow w TOTOLINK X2000R przez funkcję formRebootSchedule
Stack overflow w TOTOLINK X2000R — podatność w funkcji formPasswordSetup
Stack overflow w TOTOLINK X2000R — funkcja formRoute umożliwia RCE
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formM...
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formW...