CVE-2024-51228
MEDIUM EXPLOITED NUCLEITOTOLINK - RCE
Title source: llmDescription
An issue in TOTOLINK-CX-A3002RU V1.0.4-B20171106.1512 and TOTOLINK-CX-N150RT V2.1.6-B20171121.1002 and TOTOLINK-CX-N300RT V2.1.6-B20170724.1420 and TOTOLINK-CX-N300RT V2.1.8-B20171113.1408 and TOTOLINK-CX-N300RT V2.1.8-B20191010.1107 and TOTOLINK-CX-N302RE V2.0.2-B20170511.1523 allows a remote attacker to execute arbitrary code via the /boafrm/formSysCmd component.
Nuclei Templates (1)
TOTOLINK CX-A3002RU - Remote Code Execution
MEDIUMby DhiyaneshDK
Shodan:
html:"TOTOLINK"
Scores
CVSS v3
6.8
EPSS
0.6421
EPSS Percentile
98.5%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2025-10-29
CWE
CWE-78
Status
published
Published
Nov 27, 2024
Tracked Since
Feb 18, 2026