CVE-2023-48859 Information

Description

TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control allows attackers to bypass front-end security restrictions and execute arbitrary code.

Reference

https://github.com/xieqiang11/security_research/blob/main/TOTOLINK-A3002RU-RCE.md