CVE-2024-34210
7.3HIGHTOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the CloudACMunualUpdate function via the FileName parameter.
Published: 5/14/2024Updated: 4/9/2025
Description
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the CloudACMunualUpdate function via the FileName parameter.
AI AnalysisPowered by AI
Affected Products
totolinkcp450_firmware
4.1.0cu.747_b20191224
totolinkcp450
-
References
- https://github.com/n0wstr/IOTVuln/tree/main/CP450/CloudACMunualUpdate_injectionExploitThird Party Advisory
- https://github.com/n0wstr/IOTVuln/tree/main/CP450/CloudACMunualUpdate_injectionExploitThird Party Advisory