CVE-2023-30013

CRITICAL NUCLEI

TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 - OS Command Injection via Traceroute Configuration

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-30013. Includes Metasploit module exploits/linux/http/totolink_unauth_rce_cve_2023_30013. A Nuclei detection template is also available.

AI-analyzed exploit summary This Metasploit module exploits an unauthenticated remote command execution vulnerability in multiple TOTOLINK routers via command injection in the `setTracerouteCfg` endpoint. It supports both direct command execution and staged payload delivery for MIPSLE architectures.

Description

TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter.

Exploits (1)

metasploit WORKING POC EXCELLENT

rubypocunix

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/totolink_unauth_rce_cve_2023_30013.rb

View Code ZIP pw:eip

This Metasploit module exploits an unauthenticated remote command execution vulnerability in multiple TOTOLINK routers via command injection in the `setTracerouteCfg` endpoint. It supports both direct command execution and staged payload delivery for MIPSLE architectures.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: TOTOLINK Wireless Routers (multiple models, e.g., X5000R, A7000R, A3700R, N200RE V5, N350RT, EX1200L)

No auth needed

Prerequisites: Network access to the target device · Vulnerable TOTOLINK router with exposed web interface

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

TOTOLink - Unauthenticated Command Injection

CRITICALby gy741

References (2)

Core 2

Core References

Exploit, Third Party Advisory

https://github.com/Kazamayc/vuln/tree/main/TOTOLINK/X5000R/2

View Exploit ZIP pw:eip

Exploit, Third Party Advisory

http://packetstormsecurity.com/files/174799/TOTOLINK-Wireless-Routers-Remote-Command-Execution.html

Scores

CVSS v3 9.8

EPSS 0.2589

EPSS Percentile 97.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-78

Status published

Products (2)

totolink/x5000r_firmware 9.1.0u.6118_b20201102

totolink/x5000r_firmware 9.1.0u.6369_b20230113

Published May 05, 2023

Tracked Since Feb 18, 2026