CVE-2023-33486 Information

Description

TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setOpModeCfg. This vulnerability allows an attacker to execute arbitrary commands through the \hostName\ parameter.

Reference

https://github.com/Kazamayc/vuln/tree/main/TOTOLINK/X5000R/3